On August 3-8 the Black Hat USA conference will return to Mandalay Bay in Las Vegas, dominating what is always a stimulating week of cybersecurity news cycles.
Black Hat is another one of the cybersecurity community’s must-attend conferences, but no two shows are alike. Unlike RSA Conference, which follows the cruise ship approach of offering something for everyone remotely touching security, Black Hat has a tighter focus on the front lines – more like adventure tourism than a cruise. This is a conference for people who want a close-up view of hacking and the technical trends shaping hands-on security research (and want it so badly that they are willing to visit Las Vegas in August). The conference’s roots are in offensive security research. It’s a forum where people exploring how to break into software and devices to better understand their vulnerabilities can mingle with fellow researchers, incident responders defending companies and software/device developers interested in seeing their wares from an attacker’s perspective.
While it serves a narrower audience, Black Hat keeps getting bigger. Last year’s event boasted more than 19,000 attendees from around the world, participating in 90 Trainings and attending 120 Briefings (the headline-making hacking demos and talks on stage) and 90 Arsenal open-source tool presentations. The conference’s growth parallels cybersecurity’s rising fortunes and stakes everywhere across industries. During the last couple of conferences, I’ve met cyber-insurance attorneys, Capitol Hill staffers and county economic development executives – not the typical attendees you saw back in Black Hat’s Caesar’s Palace days, when the show seemed to have a fraction of today’s break-out rooms and billboards.
Black Hat is a powerful brand and plays host to some of cybersecurity’s biggest moments, while stirring its own controversy. Over the years there have been revelations drawing national media coverage, including researchers’ demonstrations of hacks exploiting ATMs and a Jeep Cherokee. This year there are several talks on the schedule drawing buzz, including “the first public analysis of the Boeing 787’s Core Network,” presentations of vulnerabilities in 5G networks and explaining tools and methods to “break the BTLE based mobile phone key system of a large hotel chain.”
Black Hat is also known for presentations raising tough, thought-provoking security questions about statecraft and society. Because I’m fascinated by journalists’ work behind their biggest stories, I’m intrigued by a talk Motherboard reporter Lorenzo Franceschi-Bicchieraiis set to give on the state of the commercial spyware market, arising out of reporting on surveillance tools being used against nations’ targets in the wild. I’m also an avid reader of military history and changing norms in national security and deterrence over the years, so Mikko Hypponen’s “Responding to a Cyber Attack with Missiles” sounds very interesting, with cyber operations increasingly a front line in geopolitical conflicts from the South China Sea to the Persian Gulf.
I look forward to connecting with reporters, industry analysts and others covering Black Hat every year. In keeping with the show’s growth tightly focused on research, I generally offer these recommendations for public relations, marketing and other communications pros looking for a productive event;
Black Hat is all about the research, period:
Reporters come here for the Briefings and to meet researchers behind show-stopping research or experts with thought-provoking views on speakers’ findings. This is not the event for launching a security product, announcing a new start-up or trying to unpack an interesting business model.
Do not overlook relationship-building, but have something to say:
Even if you are not a speaker, Black Hat is a great venue for networking with media and peers. Journalists use the show as a crossroads to meet experts doing interesting work, as well as connect with BSides Las Vegas and DEF CON speakers and attendees in town the same week. However, do not approach Black Hat / BSides / DEF CON week as a numbers game of trying to score as many meetings as possible. Credibility demands focus and reporters want specific, candid insights, so look at the vast swath of track topics and news cycles bubbling up that week and reach out to those select journalists and other influencers you see following your interests.
Create your own conference highlights:
As with any big conference, it’s increasingly hard to stand apart on Black Hat’s crowded expo floor and packed hallways. This is a great reason to consider holding your own social or networking event. In years past we have worked with clients to host retro arcades, book signings and other casual meet-ups helping speakers, journalists and other attendees connect while grabbing a bite, recharging devices and hydrating before their next talk.
If you end up with a large team at Black Hat this year, bring cameras to get creative and create content benefiting you the rest of the year. Conferences are great settings to capture team-building activities, product demos, “b-roll” of booth traffic and VIP interviews in multimedia clips for social media channels. Be sure to tag @BlackHatEvents and #BHUSA. every conference’s growing hashtags and social following that first intense week of August in Las Vegas.
What advice would you give a first-time Black Hat attendee? What do you look forward to at the show every year? Reach out via LinkedIn or Twitter to let our team know; we’ll be stocking-up on water and see you at Mandalay Bay!