Black Hat founder Jeff Moss says the infosec community must step up to the challenges posed by the nascent ‘decade of tech’

Black Hat Asia was held virtually in 2020

COMMENT In January 2020, the Daily Swig editorial team was in discussions over who would be sent to report from Black Hat Asia in Singapore.

Though less prominent than its Las Vegas-based counterpart, Black Hat USA, the Asia edition of the information security and hacking conference has more than justified its place in the infosec calendar, with the spring event becoming a firm fixture in the diary of security professionals, researchers, CISOs, journalists, and other industry-watchers.

As the weeks went on, however, and following the postponement of other major tech events including Mobile World Congress and DEF CON China, it became increasingly clear that Black Hat Asia would be unable to ignore the spectre of a Covid-19 pandemic.

In a strange way, this event was a harbinger of what Steve Wylie, Black Hat general manager, called an “unprecedented year with so many new challenges”.

Indeed, just six months on, the world truly does feel like a different place. The push towards home working and the onslaught of coronavirus-related scams and fraud are just two examples of how the pandemic has thrown up its own unique security challenges.

Virtual reality

One could argue that in these turbulent times the need for industry events is more important than ever, as security executives and policymakers look to embark on fact-finding missions to discover what’s working (and what’s not) for other nations and organizations.

It’s somewhat ironic, then, that the very cause of this distress has also scuppered the possibility of face-to-face discussions, at least temporarily.

But like many other security events that have taken a fresh approach in the face of coronavirus, the organizers of Black Hat have sought to ensure this dialogue can continue, albeit virtually.

RELATED Virtual cybersecurity conferences: An expanding list

And so, seven months later than planned, Black Hat Asia opened its virtual doors today (October 1). Some might be wondering why the event is going ahead at all – Black Hat USA took place in August, and the Europe edition will be held in December.

Yet despite the fact that all three events have been compressed into a five-month window, there has been little repetition of content. If anything, this shows that the pandemic has failed to have a lasting impact on the productivity of the global security research community – and that’s at least something to be optimistic about as we reach the end of a challenging year.

Jeff Moss delivers his opening remarks at Black Hat Asia 2020Jeff Moss underlined the need for diversity in security during his opening remarks at Black Hat Asia 2020

Global perspectives

The ongoing need for dialogue among the global security community was a theme continued by Black Hat founder Jeff Moss during his opening remarks today. And this need wasn’t solely being precipitated by the coronavirus, but rather by wider societal trends, as technology becomes increasingly embedded in our world.

Why is diversity so important? Global perspectives are going to become key in the direction of technology in the next decade. And why is this? Well, people are saying that the 2020s to the 2030s is the ‘decade of tech’.

We’ve heard that since the dotcom bubble, but what’s different here is [that] we’re on the threshold of several breakthroughs of technology.

Explosive growth in computing power has led to ML and AI breakthroughs, and this will continue with Moore’s Law in the next decade… We’re going to have more bio breakthroughs… robot breakthroughs, and then there’s quantum computing, and 5G [and] 6G.

What’s happening here is, as the technology spreads around the globe and becomes more important in everybody’s lives, governments are going to be looking to us to try to interpret the risks and provide advice on the security around these technologies.

Something I’m fond of saying is that internet problems are global problems. And this is really a reflection that. If there’s an attack in one country, it might impact routing for other countries.

If one country does a BGP hijack, it might suck traffic from a third, uninvolved party. And to resolve these conflicts and these tensions, you’re going to have to have conversations with people in countries other than your own.

You’re going to have to understand other cultures, other languages. And so therefore I think a more diverse cybersecurity population will only benefit us going forward.

– Jeff Moss

Security ‘no longer a private problem’

The necessity for fresh security perspectives was reflected in the choice of keynote speaker at Black Hat Asia today, as Gaurav Keerthi, deputy chief executive of the Cyber Security Agency of Singapore (CSA) riffed on the island-state’s renown for embracing the principles of the ‘smart city’ and asked the question: should cybersecurity be a public good?

“Cyber hygiene is becoming a public health crisis,” Keerthi said. “Just like water sanitation, it’s no longer a private problem.”

He added: “Now, as more users connect to the internet, whether it’s through their laptops, their phones, their smartwatches, their baby cameras, their WiFi routers, we need to be worried about our essential services being DDOS’ed by botnets, just like the Mirai attacks in 2016.”

Gaurav Keerthi of the Cyber Security Agency of Singapore delivers the Black Hat 2020 keynoteGaurav Keerthi of the Cyber Security Agency of Singapore delivered the Black Hat 2020 keynote

Offering his thoughts on his home nation’s approach to cybersecurity in 2020, Keerthi said: “In Singapore, we’re rolling out the ‘Safer Cyberspace Master Plan’, which is a master plan to build a safer cyberspace to protect all users, small and big. And it’s ambitious. It seeks to rebalance this equation. We want to make Singapore one of the most cyber-secure nations in the world.”

Keerthi wrapped up his keynote by saying that cybersecurity has evolved to become a “complex monster that even the initiated professionals find it challenging to understand”. And for the CSA executive, this is an unsustainable situation.

“Cybersecurity needs to be usable in order to be effective,” he urged. “It needs to be inclusive. Every person is part of our ecosystem, small and big, not just the technically savvy ones.”

The Daily Swig will be back with more coverage of Black Hat Asia throughout the week.

YOU MIGHT ALSO LIKE Latest web hacking tools – Q3 2020