Your program and your policy are now inextricably linked. If you do, you’ll wind up playing catch-up, and that’s not an enviable position to be in for any senior executive.Ĭyber Insurance And You, Perfect Together?īlack Hat hosted a “cyber insurance microsummit” with four briefing sessions discussing the topic from different angles - CISO, insurtech, legal, and managed security services - but the same message came through. Don’t get desensitized by the hype around this topic. The mistake to avoid here is letting that fatigue trick you into thinking these problems disappeared. Enterprise adoption will increase, vendors will need to embed generative AI capabilities into their products and services, and we will all spend the next few years thinking and reacting to generative AI’s security implications. Generative AI Fatigue Is Real … And IrrelevantĮveryone - that’s security leaders and vendors - is tired of generative AI. Applications are becoming more diverse, no longer limited to security operations use cases and broadening into application security and vulnerability management. Don’t expect general availability of these releases until the new year for the vast majority of vendors (if not all). Actual production deployments remain … hard to find. Generative AI Transitioned From Marketing To Demos While capital flowing into cybersecurity has slowed, innovation still happens, and companies with strong business models are keeping the attention of investors and customers. ![]() During the event, Rubrik and Check Point announced acquisitions, and Endor Labs announced a $70 million series A. As a final tip for vendor booth staff, make sure the people talking about your product offer more information than what can be found on Wikipedia.Īfter a year of RIFs - in an industry with an oft-mentioned talent shortage - and with vendors like Rapid7 announcing one during the event and Secureworks following on soon after, the industry is as healthy as ever based on the number of vendors, booths, and attendees. Some vendors demonstrated real value additions with a few AI applications, but a well-written python script could address most of the use cases. Demos were heavily scripted with an outsized focus on detection, conveniently forgetting that an “R” exists in MDR for a reason. ![]() But very few knew how to stand out and offer value besides claiming, “We’re the best.” Vendors without a better way to describe what they offer resurrected “single pane of glass (SPOG),” and “the everything everywhere dashboard” is also alive and kicking, but few vendors could articulate the actual value that their dashboards displayed. We’ve discussed the security services flywheel and “everything-eventually-becomes-a-service” the booths at Black Hat 2023 confirmed this phenomenon in real time. Security Services And SaaS Stood Out In The Business HallĮveryone has a flavor of managed detection and response (MDR), MXDR (this is a bad term don’t use it), or a variant of *DR. Together, we logged over 160,000 steps, attending 80 client meetings and 20 track sessions. As Tope noted upon landing, “42 degrees Celsius should be illegal.” which is why we stayed inside as much as possible. Our band of Forrester analysts - Joseph Blankenship, Jess Burn, Allie Mellen, Tope Olufon, and Jeff Pollard - spent the week in Las Vegas with temperatures well over 100 degrees Fahrenheit …. ![]() A tightly packed, noisy Business Hall included over 300 vendors and 400 organizations with booths, which was great for swag but bad for anyone with even the mildest case of claustrophobia. Black Hat USA 2023: Insights From Our Short Vegas Residencyīlack Hat has gone from being RSAC’s smaller tech and practitioner-focused cousin to being a commercial showcase for cybersecurity vendors.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |