Why it's worth returning to Black Hat


I may not care for Las Vegas in the heat of August, yet I would come back as everything I need to learn and everyone I need to see face to face is at Black Hat.

Concentrated in one week, I meet customers, learn from their feedback, and understand how they view the market and the security industry, what we are doing right and what we should change. With so much to talk about and so much to learn, you often leave the conference feeling like you have only just scratched the surface. That being said, this year's discussions provided insights into the sectors most critical for the cybersecurity industry to remain resilient and keep evolving. Of everything that was talked about, these three things are the most important to take away and bring back to your boardroom.

Spotlight on non-human identity within the identity and access management arena

Often seen as human-centric, IAM actually deals with a significantly larger number of non-human identities such as service accounts, access tokens, API keys, and secrets used by applications. These non-human identities outnumber human ones and undergo rapid changes, necessitating software-driven management and stringent policies for effective governance and security.

Identity and Access Management (IAM) is the ongoing management of access and permissions for identities, ensuring smooth business operations while maintaining secure access to applications and resources within an organization's technology infrastructure. In contrast, Identity Lifecycle Management (ILM) encompasses the entire lifespan of identities, from creation to retirement, involving multiple stages and complexities. IAM is a component of ILM, focusing on day-to-day operational management, while secure ILM practices extend to long-term operational management. Although many organizations prioritize and regularly practice IAM, particularly in cloud environments, fewer devote attention to their ILM strategies. Amid the demands of daily tasks, they often overlook the need to evaluate the weaknesses in their IAM operations and consider the broader implications of identity management over time.

Rising concerns over third-party risks

The growing dependency on third parties is bringing security risks to the fore. 98 percent of organizations have ties to a third party that has experienced a breach. What's more, these breaches account for 29 percent of all security incidents. Non-human identities, which range from authentication tokens to API keys, serve as the interface between an organization's internal systems and the external services they rely on. These trends highlight the need to understand the security risks of third-party secrets and to explore solutions that can help mitigate them.

When is cloud not talked about?

In the realm of cloud security, researchers tested whether they could break into the leading AI platforms and studied how easy it would be for attackers to gain access to confidential data.

The goal of the research was to assess the security of these platforms and determine the potential risks of storing valuable data in one of the top three AI platforms. As new AI technology has taken off, cybercriminals and nation-state actors alike have targeted third-party providers and platforms that host sensitive data and training models.

Encryption keys act as sturdy locks safeguarding the treasures within a formidable fortress. They ensure that the data of any organization remains untouched and unobserved by bad actors. AWS, Google Cloud, and Microsoft Azure offer robust key management solutions, each with distinct features, pricing, and capabilities. Yet, the journey of ensuring top-notch security doesn't end with just managing keys efficiently.

Expansion into hybrid and multi-cloud setups often increases the number of secrets distributed across various systems. This escalation in volume makes it challenging to track and protect API keys and access tokens, elevating the likelihood of unauthorized entries and possible data compromises. Addressing this challenge requires a systematic approach to manage and safeguard secrets, minimizing exposure and enhancing security posture. You need to have end-to-end visibility into the entire lifecycle of code from creation to retirement.

I'll see you in 2025

Black Hat offers a chance to learn valuable insights, participate in discussions and meet some of the brightest minds in cybersecurity. The magnitude of the event combined with a constantly evolving industry makes it impossible to see and learn everything one person or organization would like to. But topics ranging from IAM and ILM to third-party risks and cloud security demonstrate the importance of staying ahead. We can take these lessons back to our teams to navigate the challenges we will inevitably encounter in the future. I look forward to returning in 2025 and seeing what real intelligence is driving cyber innovation.

Image Credit: Wayne Williams

Adam Cheriki is CTO of Entro Security.

© 1998-2024 BetaNews, Inc. All Rights Reserved.