The Black Hat 2023 conference is almost here, providing the security world with a golden opportunity to forecast the tools, techniques, and trends we’ll be seeing threat actors and security practitioners use over the next year. For attendees, understanding the hype cycle that comes with security products is essential to making informed choices on which vendors pitches to listen to and which to cruise right on by.
Here’s four trends I’m looking at ahead of Vegas:
1. The AI-washing of Black Hat
Generative AI has dominated the security conversation for months now, and Black Hat will be the next stage that vendors are able to take advantage of by, somehow, tying in AI/ML processing into their products.
However, I hope that there are some announcements about the use of large language models that are grounded in reality. For example, if a company can demonstrate substantial progress in using AI to improve the way that they communicate and interact with their customers, I would consider that a win for that vendor and the practicality of AI in general.
2. Better customer service
Customer service and customer support is generally awful for enterprise software and services, and while it’s not limited to just cybersecurity, I feel like this is the industry that creates the most questions and confusion for end-user organizations. Anything that can improve the way they have their queries addressed will be a welcome change from the “we’ll get back to you in 3 to 5 business days”.
3. Managed Service on the rise
Vendors seem to have caught on to the fact that they’re building security tools that only a few organizations can really use well. The alternative option of providing managed service to their customers has risen in popularity as organizations become more comfortable with outsourcing their security operations to experts who can provide 24×7 protection. This move is a great step for the industry and one that it will continue to take in the future.
4. Protection for the many, not the few
A combination of the attitude-shift toward in the security industry toward delivering actual solutions, rather than selling tools, as well as the advancements made in generative AI over the last year, will go a long way toward boosting the overall security of organizations in need.
In the past, public sector institutions like schools, hospitals and small local governments lacked the resources — financial and technical — to really access advanced cybersecurity protection, whether that be hiring in-house practitioners or outsourcing their protection to an external SOC. The time- and money-saving abilities of generative AI will, to some extent, “level” the security playing field to enable those institutions to receive protection that they’ve never had.
With vendors moving away from advertising shiny tools to selling positive security outcomes, I think Black Hat 2023 will be a great place for organizations in need to level up their overall security posture. Attendees should be wary of trend pitches that sound too good to be true, but also take the opportunity to listen and learn from the experts.