Join Sean Martin and Marco Ciappelli in a lively conversation about the global impact of the Black Hat Platform and the unique flavors each regional event brings to the cybersecurity community. From London’s vibrant culture to the balance between global trends and local insights, this episode captures the heart of innovation, collaboration, and candid dialogue.
Guest: Steve Wylie, Vice President, Cybersecurity Market at Informa Tech [@InformaTechHQ] and General Manager at Black Hat [@BlackHatEvents]
On LinkedIn | https://www.linkedin.com/in/swylie650/
On Twitter | https://twitter.com/swylie650
____________________________
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes
London as the Backdrop for Innovation and Culture
The conversation kicked off with reflections on London’s vibrant mix of history, culture, and modernity. Marco captured it perfectly, noting the city’s knack for staying on the cutting edge of fashion, music, and movement. Sean chimed in, describing the city as a destination where “cool kids” converge. It’s this ever-evolving energy that makes London the ideal host for forward-thinking gatherings like Black Hat.
Sean and Marco’s admiration for the city wasn’t just about its aesthetics but also its role in shaping global conversations. London is a place where the local meets the global, a theme that would resonate throughout their discussion.
Black Hat’s Expanding Global Reach
Sean and Marco highlighted the global nature of the cybersecurity community, emphasizing Black Hat’s international presence. Marco pointed out how the event has grown beyond its Las Vegas origins, with thriving editions in Europe, Asia, the Middle East, and beyond. This expansion reflects not only a growing need for cybersecurity collaboration but also the importance of tailoring conversations to regional contexts.
Sean observed how each edition of Black Hat carries a unique flavor, shaped by local cultures and challenges. He praised the effort to include regional experts on review boards, ensuring that the content resonates with specific audiences. From Riyadh to Toronto, this approach has made Black Hat a truly global force.
Celebrating Local Voices in Global Conversations
One of the key takeaways from the conversation was the importance of amplifying local voices in global discussions. Marco commended Black Hat’s dedication to fostering a sense of ownership among local cybersecurity communities. Sean agreed, noting how local insights enrich the broader, boundaryless research presented at these events.
The duo discussed the balance between global trends, like AI and supply chain security, and region-specific concerns, such as policy-driven discussions in Europe or industrial focus in Canada. This nuanced approach ensures that every Black Hat event feels relevant, impactful, and inclusive.
Sean and Marco’s Chemistry: Informal Yet Insightful
Beyond the topics, the conversation was marked by the easy rapport between Sean and Marco. They navigated seamlessly from cybersecurity strategy to the lighter moments, like teasing each other about wardrobe choices for London’s chilly December weather. Marco’s love for local cuisine even sparked a playful detour into Italian titles for hardware hacking sessions.
It’s this blend of professional insight and personal charm that makes their discussions so engaging. Whether they’re debating the merits of AI sessions or reminiscing about hallway chats at past events, Sean and Marco bring an authenticity that keeps listeners coming back.
Looking Ahead
As the conversation wrapped up, Sean and Marco hinted at their plans to keep “Chats on the Road” moving forward. While they may not make it to every event, their commitment to bringing the community’s stories to light remains steadfast. Whether you’re attending Black Hat in person or following along from afar, Sean and Marco ensure that the spirit of innovation and collaboration is accessible to all.
Stay tuned as they continue to explore the intersections of technology, culture, and community, one conversation at a time.
Be sure to follow our Coverage Journey and subscribe to our podcasts!
____________________________
This Episode’s Sponsors
HITRUST: https://itspm.ag/itsphitweb
____________________________
Resources
Learn more about Black Hat Europe 2024: https://www.blackhat.com/eu-24/
Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverage
____________________________
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-society-podcast
Want to tell your Brand Story Briefing as part of our event coverage?
Learn More 👉 https://itspm.ag/evtcovbrf
Beyond the Briefings: Exploring the Pulse of Cybersecurity Communities | A Black Hat Europe 2024 Conversation with Steve Wylie | On Location Coverage with Sean Martin and Marco Ciappelli
Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.
_________________________________________
Sean Martin: [00:00:00] Marco.
Marco Ciappelli: Sean, where are you?
Sean Martin: Where am I? Where am I heading?
Marco Ciappelli: I don't know.
Sean Martin: Where, where, where is the cool, where are the cool kids headed? That's the real question.
Marco Ciappelli: Cool kids? I don't know. I feel like in the UK, London, London is a place full of cool kids, cool music, a lot of fashion, new movement. It's always been like that.
Sean Martin: Exactly.
Marco Ciappelli: You know what else is there?
Sean Martin: What's that?
Marco Ciappelli: Black cat.
Sean Martin: I know. One of our, one of our favorite, uh, groups. And for those watching, they see Steve there, uh, smiling as we talk about, uh, Black Hat in London. Steve, it's good to see you.
Steve Wylie: Good to see you guys as well. And coincidentally, Black Hat is also one of my favorite cyber security conferences.
So how surprising,
Marco Ciappelli: you know, that's cool. You know what I was thinking, Steve is like, when we started many years ago, we always made the birthday joke [00:01:00] with the ITSP magazine, because it was actually when we got together with the idea of creating it. And we started with the, you know, With the Las Vegas event and then now it's become not just once a year we we connect with you with a with a black hat Europe with sector in Toronto and I know you just came back from a really great event in Riyadh as well.
So I want to start with welcoming you. Uh, and kind of like getting the picture of how this global presence because it's becoming a global presence for black cat is working out and if you need to adapt to certain different topics and culture or if you're just you have it so special that It works everywhere.
Steve Wylie: Yeah. Yeah. Happy to speak to that. We did just have, uh, Blackhat, uh, Middle East and Africa last week in, in, uh, just outside of Priyad. [00:02:00] Um, and I was just thinking that when you were saying that, that, uh, Marco, we do probably need to get you guys your own sort of. Recording studio at all these events at some point, because you've been now nearly to all of the, uh, the Black Hat events.
Marco Ciappelli: Um, exactly.
Steve Wylie: And we always love having you guys there, um, covering all the things happening, uh, at Black Hat. So yeah, a little bit about kind of at a portfolio level of Black Hat. It's five events. We've got the, you know, the flagship original event in Las Vegas that you guys are very familiar with and it also happens to coincide with the The, the birthday of ITSP, um, we've got, uh, Black Hat Europe, which is coming up next week in London.
We've got Black Hat Asia, which takes place in Singapore, and we've got, uh, Black Hat Middle East and Africa, which again takes place in Riyadh. And then the event that you guys read a few weeks back in Toronto, Sector, which was an event we acquired back in 2019. So it's the five events, um, in terms of how they, how are they alike?
How are they, um, different? Uh, [00:03:00] generally speaking, we, we try to have some of the same common elements at a Black Hat event that people are familiar with. So a lot of the content programs are consistent in terms of, you know, What they are and their format. So a Black Hat briefing is a Black Hat briefing around the world.
Black Hat trainings, Arsenal programs. We've got all of the Black Hat events as well. So there's a lot of commonalities. I think what you need to do when you're when you've got a portfolio of events around the globe is make sure that you're in tune with the local cybersecurity community and market in terms of.
Needs in that part of the world. So we do spend a lot of time from a content standpoint, making sure that the content is relevant to the local market. So over the years, we've increasingly made our boards. We've got editorial boards that review all the content coming in through the call for papers from the community.
Uh, those folks are largely from the region so that we make sure that we're staying in tuned there with what the pressing topics are, what needs to be covered. Um, so it's, there's a lot that are [00:04:00] things about the events that are similar and Yeah, they each sort of have their own flavor as well, uh, as we, as we, you know, see the year progress and go from one event to the next.
Marco Ciappelli: And I think that's the mention. I'm going to let you go, but I was actually looking at the, at the review board and I see familiar faces on arrows from Italy and few others that I know from. And, uh, I think that's, that's key, right? Like, get the pulse of the region with people from the region. I mean, I wouldn't say it wouldn't work if it was just one general one, but definitely, I'm a big fan of the local that work as a community for the global vision of cybersecurity.
So I love that.
Steve Wylie: I think, um, these communities also take a lot of pride, uh, in their edition of Blackhat, right? So I think you, you want it to be more locally driven. And, and, you know, um, you know, I was, I was just in, in Riyadh last week for Blackhat Middle East and Africa. And that is a [00:05:00] fantastic, vibrant community.
Hacker community out there and as Saudi Arabia is really opening up to the world It is it's great to see all the all the hackers there. We did a huge capture the flag There is a tremendous amount of focus in that part of the world on cyber security for good good reasons, right? There's a lot of industry to protect there And public and private sector interest as well.
So it's, uh, it's good to see the event take on a more localized flavor being driven by a lot of local people as well. And we see that at all of the blackhead events, when you go up to sector, it's very distinctly a Canadian flavored cybersecurity conference, it's their conference, and it's largely addressing things that, um, are, are, are.
Applicable certainly to Canada. There's a lot of more localized Canadian content, but then there's also the global content coming from the research community. And we try to sort of mix it up with a little bit of global, a little bit of more regionalized content. [00:06:00]
Sean Martin: Yeah, as we do more, more, uh, with you, Steve and the team in different parts of the world, what I'm really recognizing is.
The non yeah, the no boundaries leading edge research. So there's technology used all around the world. Maybe some more heavily in some regions than others, but there's technology that drives our businesses, runs our, runs our governments, support society and the cultures that they want to. To maintain and grow and then there's the actual culture part of it, um, which defines how business runs business in Singapore is different than business Australia, Toronto, and so on, and largely driven by policy, which is different in these regions.
And also, um, just the way people think and the way, the way they adopt tech, these different technologies and the [00:07:00] conversations. Change. So the broad research and the leading edge, super important, but then the local conversations revolving around what's important to them and their business and their, and their regulatory and landscape and the culture that they, that they live within, um, it's super important to hear those conversations as well.
And that's why I love being part of what you're doing, uh, in each of these different regions, cause it's. It sheds light on what's really important to the CISOs and their teams and their risk manager and privacy manager, uh, counterparts and all the other departments that make business run and, and, uh, Government run and society safe, right?
Steve Wylie: Absolutely. I, I think where we see that most is in the keynote programs and, uh, it probably also our CISO summit center executive summits that we, that we run because you'll tend to see more regional, you know, fortune 100, fortune 500. See, so, you know, at at the [00:08:00] coming from their part of the world. Um, so, therefore, the content needs to be a little bit more geared towards what are the pressing issues in that, you know, for for companies in that part of the world.
And on the keynote stage, we always try to balance and have a little bit of more of the cyber security community visionary. As well as, you know, the Black Hat events are fantastic events as platforms for our overall, um, community and the cybersecurity industry itself. So we always want to have a little bit of policy in the mix as well, and really make sure that we're plugged in and relevant to what's happening, um, at a government level and in policy across governments.
You know, we'll have Black Hat Europe next week, and that's a big, a big area of focus for us. As well. So it's, it's always balancing all the various constituents that come to black hat and make sure that we've got the right content for all of them. Um, expanding content where we think there's more opportunity to go deeper into specific areas as well, which we've done more of as well this year.
So it's, it's exciting. And to [00:09:00] your point, Your earlier point, I mean, the world is only becoming more digitized and therefore there's only more things that need to be looked at in terms of security. So it's, uh, you know, a platform like Blackhat where we're providing that opportunity for the researchers to come and present their research on how to make things more hardened, more secure to vulnerabilities is so important.
So I think that's, that's, we only see that getting bigger Get in and more of that coming. So it's it's ever important that we make sure platforms like platform like black had exist to provide the researchers with that megaphone to get out to the to the wider community. What they're, you know, the work that they're doing, the important work that they're doing and how it can help all of us as a learning.
Marco Ciappelli: Yep, and that's happening December 9 to the 12th, 2024 at the Excel, been there a few times, great location. I usually go there in the summer, so I'm, uh, I think it's a [00:10:00] little chilly on the, on the, on the river there, but Bring your, bring your, what's your coat? Exactly, nevertheless exciting.
Sean Martin: I'll have some tea, a cup of tea will keep you warm.
Steve Wylie: A nice cup of tea. Maybe, uh, a pint, uh, of lager, uh, that's always a good thing after the conference or maybe, you know, towards the tail end of the conference. I don't want to encourage day drinking necessarily, but
Marco Ciappelli: there is,
Steve Wylie: there's always a reception. Yes.
Marco Ciappelli: So talking about that more specifically, I enjoy sharing, you know, your opinion and vision on what's going on in the five events that you guys have around the world, but.
But let's dive in it's it's uh, you know when that's the moment when I ask you to pick your favorite child child and Tell me yeah, what is this is sticking out there and and get
Sean Martin: you can pick three this time
Marco Ciappelli: Three, okay.
Sean Martin: Wow, that is a couple keynotes in the main stage. I
Steve Wylie: I only have uh, 30 [00:11:00] 34 sessions I want to go through with you guys now, um Yeah, no, happy to pick out a few a few favorites.
Let me start with with the keynote program. Kind of start with the bigger, bigger picture stuff. That's all right. And then I'll, I'll mention a couple of the briefings as well that jump out for the black hat review board. Um, so I'm excited about our keynote program this year, as I mentioned before, we always try to kind of.
have a little bit of policy, a little bit of, um, you know, some of the more technical, um, visionary talks. So our, our, our first one is a little bit, a little bit of both. Our first keynote speaker is Frédéric Douzet, who's Director of Geopolitics at Datasphere or GEOD at the University of Paris. And Frederique is addressing a hugely important topic that we hear about a lot in this, in this industry.
It's about critical infrastructure and the vulnerability of our critical infrastructure around the globe. The United States recently put out a call to other government leaders and Internet authorities [00:12:00] around specifically around, um. better protecting our internet routing infrastructure from sabotage.
Uh, and internationally, the OECD, which is the Organization for Economic Cooperation and Development, is also calling for a stepped up security for our underlying internet routing systems. So a pretty technical topic, but also, uh, Hugely important on a, on a global, uh, on the global sort of, uh, level. Uh, so Frederique's keynote will speak directly to why this is important.
Looking at critical vulnerabilities in internet routing today, how, and how proposed technology security changes will better, uh, protect the global infrastructure for the future. She's, um, she's also using, she's. She gave us a little bit of a sneak peek of this, a data visualization where she'll look at routing, you know, Internet routing, uh, and the effects of cable cuts.
And this is so timely for us because we're just seeing in the news, just in the last few weeks, [00:13:00] um, Issues around, you know, the U. S. Government's been been warning the critical infrastructure was especially vulnerable. We've seen that in the news quite a bit. And in just the last couple of weeks, we've seen attacks in the Baltic Sea is one example.
So she's got some real world data visualizations there. She's taking data from Russia and Iran, sort of from recent events. So I think that's gonna be super interesting. technical talk, but also, um, highly strategic from a, just the, the security of our global internet, internet infrastructure. So that's my first, uh, favorite, uh, favorite talk to call to your attention.
And then I think, um, our second keynote is, uh, really more of a, uh, it's, it's focused around cybercrime. Uh, and this is a talk that's going to, uh, focus squarely on public and private sector cooperation, which we hear that a lot. That's, that's so important. So this is a definite call for greater public and private sector cooperation.
Our speaker is Eric Freycinet, and he is Brigadier [00:14:00] General with the French Gendarmerie Nationale, which is basically France's national, uh, enforcement agency, law enforcement agency under the French Armed Forces. So, um, so this is very much, um, focused on the important topic of the Fighting cybercrime and kind of what, what Frederic is going to, sorry, what, uh, what, um, Eric is going to cover in his talk is really, you know, looking at some of the challenges of fighting cybercrime, but across both public and private sector, providing some insights into, you know, where they're finding successes and where they're still facing a lot of challenges.
And, and he'll come with also some proposals on where he thinks needs to be. Things need to go, uh, for the future to better public, uh, to better harness public private, uh, sector cooperation in the, in the fight of cybercrime. So you have two very different flavored keynotes, uh, from two senior level folks from different perspectives.
That's always the way we'd like to sort of frame and set up our keynote program.[00:15:00]
Sean Martin: I love it. Yep. Two, two great sessions there. Um, I'm going to, there's another main stage on Thursday, uh, closing out. I'm going to, I'll end with that one, but there's another main stage. On Wednesday.
Steve Wylie: Yeah, so this is a new program for us at Black Hat. It's the Black Hat main stage. And the idea here is we want to hear from thought leaders from the cybersecurity industry, uh, for, you know, on important topics, trends, insights, et cetera.
So at Black Hat Europe this year, we're going to hear from Danny Jenkins. He's CTO and co founder of ThreatLocker. And Danny, he's someone who comes from the cyber security community, starting out his career in I. T. quickly becoming a sought after ethical hacker. Uh, and he's been, you know, been very, uh, much on the, um, on, on the topic of supply chain.
Security and, and sort of why that needs to be, be always top of [00:16:00] mind. We've obviously had a lot of stories in the news over the last couple of years about why that is. So his talk is going to specifically address vulnerabilities and risk management around software and global supply chains. So that talk is happening, happening on December 11th at 1215.
And again, that's on the Black Hat main stage. And that's a new program for us at all of the Black Hat events that we're hoping to do more of, uh, in 2025 as well.
Sean Martin: Yeah, he's a, he's a good speaker too. We've had him on the show actually. And then the other one is. Filled with a bunch of people we know on Thursday, you want to cover that one?
And that's a, that's a panel. Mr. Moss. Yeah.
Steve Wylie: Yeah. So I think this is relatively unique to Black Hat, but we'd like to do a wrap up session with some members of our Black Hat review board, the people that are selecting the content. And it's always interesting to get their take on, you know, the thought process that went into selecting the content.
They see it live. A lot of the review board come to the event and see that they'd like to come and audit the conference and just see how their [00:17:00] selections are resonating with the audience and and how they they see them as well. So it's a chance just to sort of regroup in a public forum on what transpired at the event.
Any key themes that emerged any surprises in terms of what they were expecting. So it's just a great sort of, you know, a great opportunity to kind of. Ending point to it, to the conference and then really make sure that we're focusing all of us, including our audience on key takeaways. And you know, where do they learn from the event and carry that forward in their own, uh, with their own businesses.
So chaired by Jeff Moss, founder of a black hat. So that's always a, a nice wrap up session, uh, to end out the week.
Marco Ciappelli: Yeah, Jeff, I think you had a full, uh, auditorium in, in Las Vegas. I made a joke. That was like a concert. Yeah, I made a joke. It looked like a concert and he commented on that because Sean actually took a really nice picture.
It looked like black, you know, black people. Metallica were coming up and it was crowded [00:18:00] and packed and, and I think he got an idea. So I don't know, maybe in the future, there'll be music. I don't know.
Sean Martin: When you're known as the dark tangent.
Marco Ciappelli: You could expect that.
Steve Wylie: I'm watching the AV teams trying to, uh, you know, cause to outdo each other, they see the keynote production from one event to the next.
And certainly the one in Las Vegas is a big, is a big production and, and, uh, And the one I just came from in, uh, in Riyadh was also a big, you know, lasers and smoke and all the works. So it's, uh, it's always fun.
Marco Ciappelli: Yeah. Yeah. Just need to shredded guitar or something like that. Uh, okay. So, uh, summit. Executive and the AI summit.
Maybe a couple of words about that one. Is it similar to the one you had in in Las Vegas or a different flavor there?
Steve Wylie: It is. Yeah. So the executive summit is something we've had it at Black Hat Europe for a number of years. And as the name suggests, that's really a closed forum for senior level folks across industry.
Some public [00:19:00] sectors, some private sector and it's Chatham House rule. So it's the intention is more of a closed door session where these leaders can speak their minds be candidly. So that's a long long standing program at Blackhat. I think the new thing this year is the AI summit and that's a program that we've.
Added to all of the blackhead events, uh, this year, which has been great. So, uh, we, well, we launched the first one at black at USA and, and then we did a follow on one at, at, uh, at sector. And then, and then this one at black at Europe, and then we are planning to have one at blackhead Asia next year as well.
So it's, uh, uh, No surprise, AI is an important topic for us right now in cyber security. So it's, there's a lot of interest and this is a way for us to basically expand our conference into three days of programming. So it's always been a two day conference and then we would have a. You know, miscellaneous summit, like the executive summit hanging out on the, on the pre day, uh, what you'll see at all of the blackout events is more targeted, uh, you know, focused [00:20:00] conferences on particular, uh, industries or particular technologies.
Sectors like, um, like AI, like cloud computing, what have you, uh, and essentially what, what'll happen over time is the event becoming a three day conference with a lot of options on that pre day to compliment the, the two days of, of, uh, of briefings. So AI summit is a one day program, you know, Excited to debut that this year at the event, uh, registration for it's been strong and a lot of interest.
No doubt. We've, of course, also outside of the AI summit, got a lot of black hat briefings that are focusing on AI. And I feel like that's a recurring theme when I'm talking to you guys as well. Uh, so we've got a number of briefings that are going to cover AI, uh, this year as well.
Sean Martin: What I like about the summit, I spent some time in the AI summit.
Uh, in Toronto and sector and, um, kind of to my earlier point on leading edge research from the hacker community in the [00:21:00] briefings, the summits are leading edge from a different set of cool kids. Doing leading edge, leading edge research on strategy and programs and, and running a business connecting all the stakeholders within the business and across public and private sector as well to ensure we're, we're leading things in the right way.
Not just from a tech perspective, from a, from a full. Big picture perspective. So I'll say it again. The cool kids there. They're all on the summit.
Marco Ciappelli: You know what would make it cool too? Just one word is, and I realized it in the last few events. It's not about talking about AI as hype. I feel like they're actually, they kind of bring it down to, alright, yeah, it's cool, but we don't need to push it just because it's cool.
Let's see what it really can do for cybersecurity. And I feel like it's a more. Tangible technology now than [00:22:00] some, you know, magic wand that or something that you pull out of a hat So I really like how the researcher they bring it down to concrete Use of it in our industry.
Steve Wylie: Yeah, I think um, that's right.
I think it's a little bit by design as well. I mean, I think um, It's always going to be that excuse me. The the blackout briefings are more technical So we'll tend to see you know, we've got a lot of coverage of ai and blackout briefings But it tends to be more around Vulnerabilities in the systems, um, leveraging the inputs of into AI, you know, large language models to trick the AI and to do some to doing something malicious.
So you see a lot of that. There's a few of those sessions actually in the lineup at black at Europe. But then to your your point, Marco, I think the, you know, the, the summit. Is geared towards being a bit more strategic and kind of a little bit bigger picture, but still very content focused. We, you know, that's always going to be the case that a blackout about everything we do is going to be heavy, heavy content, but you've [00:23:00] got different perspectives on that from the technical, hardcore technical community likes to hit the briefings and the trainings to, uh, the audiences that attend our summits, which tend to be like more managerial up to executive levels, really trying to get their arms around what they need to know with AI coming into their, you know, Uh, company because it's coming.
It's already in there. It's already in their business. What do they need to be aware of planning for leveraging as well? There's a lot of cybersecurity. It's leveraging a I, uh, to, you know, for quicker, better responsiveness. So it's it's all of the above really a more strategic look at the same topic and, you know, for complimentary, but different audience sets.
Sean Martin: Yeah. And speaking of, uh, yeah, there was a couple that caught my attention. There's one lobotomy LLM bottom.
Steve Wylie: I, you know, that's one of mine as well, mainly because of the name. I thought that's a great name for a session. Uh, yeah, that one caught my interest as well.
Sean Martin: Yeah, so that one I think [00:24:00] will be worth checking out.
The other one is a double AI agent, which you probably, probably get flagged as well. Um, yeah, anything that makes, well is both connected to like humans and brains and things like that. So
Steve Wylie: putting AI
Sean Martin: in the, in the form of a, of a human, the way we think is always interesting.
Steve Wylie: That that one that last one that you mentioned the, um, the double a I that that was one that caught the attention of our black hat review board as well.
I always like to, as you guys know, stay tuned on what's getting a lot of discussion and interest from the review board. And that that one stood out as well. Kind of looking at, uh. a vulnerability in AI systems where they're able to effectively trick the AI and weaponize the gen AI application to launch attacks inside, uh, inside the system, which I thought was really interesting.
Um, and then, yeah, the other one, the LL, LLM Botomy, I thought was, uh, was really cool [00:25:00] looking at, actually that one's looking at more traditional sort of, uh, security of the AI, looking at Trojan Backdoors, I think, defending against Trojan backdoors, malicious, uh, using basically malicious modifications inserted during the training life cycle to trigger, uh, you know, that are triggered when there's the A.
I. Get specific input. So that one's a little bit of a different view on things, but also super interesting.
Marco Ciappelli: Now, I gotta say they got creative with the name because I can see on Wednesday. There is a Luca Bongiorni, definitely Italian, that says, the title is Pizza Bite and Bruschetta Board, the Hardware Hacking Toolkit, so.
Sean Martin: I should have flagged that one just for the food.
Marco Ciappelli: Exactly. I know, I know, Sean, that would have got your attention, but I actually noticed that. So,
Steve Wylie: you're welcome. I appreciate the creative titles. Like, you know, for a while we would see people trying to sort of game the system and use a lot of numbers or characters in their titles to get, you know, Oh, yeah, they knew it was alphabetized and they wanted to be at [00:26:00] top of the stack.
But now I see people putting some uh, the researchers putting some good thought into a good creative title to get people's attention And keep us going
Sean Martin: You know, from a double AI agent friend, you never know. That's right.
Steve Wylie: That's probably true.
Marco Ciappelli: Well, there's also AI war game, which is not super creative, but that would definitely get my attention.
And, uh, yeah, a lot of AI for sure. I mean, I, I would have definitely, I'm going to miss not being there and have this, this conversation, but we'll definitely try to do the, to do some planning for, for next year.
Sean Martin: There are two more that caught my attention.
There
are two more that caught my attention. I just grabbed, grabbed a couple that reminds us that while AI It's a lot of attention.
We still have to be grounded in everything else. [00:27:00] And to your point on the keynotes, one industrial control and critical infrastructure, one is called the bugs in your boot loaders, embedded device, secure boot fails and how to fix them. Um, doesn't get any more important than at the time things turn on, right?
Absolutely. And wherever they may be embedded in, uh, especially in critical infrastructure. So that one caught my attention. And the other is. Oh yeah, this stuff crosses a wire a lot in different protocols. So there's one called breaking matter vulnerabilities in the matter protocol, which I'm not familiar with what the matter protocol is clearly it's used for something important and has vulnerabilities and you know, need to know what that looks like as well.
So yeah, systems and hardware and protocols, all still very important stuff. So I'm glad to see. Research in those areas continue, not everybody's just jumping on AI. That's the,
Steve Wylie: you know, that's a good point, Sean. And there's one more that I'll add to the, to the, to [00:28:00] the pile. Uh, that was also one that was on the radar of our, our black hat board.
And it's, uh, it's called cyst bumps, exploiting speculative execution and system calls for breaking KASLR in MacOS for Apple Silicon. So the, you know, as I understand it, this session is all about, you know, Apple making a switch from, uh, Intel and, and ARM. Chips to their own silicon. And so I think what this session is going to really focus on is an in depth security analysis of the latest Apple silicon based Mac OS system.
So that's, uh, I think, you know, very interesting. And to your point, non AI and just again, focus on a lot of those security, you know, fundamentals that the black hat is really, uh, you know, known for. And certainly Mac using, uh, new, new chips, um, and. Understanding the vulnerabilities there. I think that's going to be a popular session as well.
Marco Ciappelli: A lot of good stuff. A lot of good stuff.
Sean Martin: Well, it's [00:29:00] always, always a fun time. Of course, there's, there's hallway con, right? Where you get to get to hang out with all these people and have conversations specific to what's in your own head. Possibly triggered by something the speaker said or a panel said.
And, uh, it makes you think differently, right? That's for Marco. That's what it's all about for us. Yeah. Think about what's going on. That's a, that's a good thing.
Steve Wylie: Yeah, Holly public con is always great at black hat. And then we've got some more formal forums for that to this year of black at Europe. Sean, we've got our community lounge, which you probably saw at sector as well.
And the idea here is, is we, you know, we hear from our community that you want to get more chances to talk to, um, some of the thought leaders, uh, at the conference and people to help shape the agenda. So we've got in our community lounge, different meetup schedule where you can meet with track chairs or speakers, you know, in a kind of more informal.
You know, for him, uh, but slightly more formal than running into them in the, in the, [00:30:00] in the hallway. Uh, so that's a nice, new addition to black at Europe this year,
Sean Martin: I got met some of, uh, I don't want to say the most, most amazing people there, but I met a lot of people in the community forum in Toronto sector.
Marco Ciappelli: Yep. And last but not least, all the business hall that you're going to have there. So that's what make this happen, right? All the sponsors and the business. And we lost Sean on that one, but we can keep going. Oh, here it is. I thought you disappeared. So, uh, yeah, thank you to them, of course. And, uh, and I feel like it's always, uh, it is always exciting.
Like a lot of people may think just you walk through the business hall in this event and and it's kind of like, Oh, they're just trying to sell me something. I got to say that usually mean really cool people that sometimes are really there just for networking. And no, not, not obviously to try to [00:31:00] taste their, their latest flavor and, and sell you a bag because it's not something that you buy on the spot oftentimes, but they're there to introduce some innovation and that's also the core of everything that we do.
Steve Wylie: I think the smart. Exhibitors at Black Hat and we have a lot of them. They know that they are. Our audience is always hungry for content. So they, they, uh, they do bring more technical resources to staff their booth. So they're having a more meaningful conversation, you know, you know, to your point, Marco, it's not.
The fluffy, the fluffy stuff. And then in addition to, to all of the vendors that are on the black at business hall, we've also got a number of, of editorial programs as well that help their, the black at arsenal is there this year, which it always is. And, and, uh, those guys do a great job of bringing the latest open source tools, um, Basically, you know, a showing a bit of a show and tell that the developer of the tools there to demonstrate what the tool does.
The [00:32:00] tools are often made available to the community by open source platform. So that's also just a huge opportunity for attendees in the business hall or any of the attendees to really understand some of the free tools that are out there, which everyone, everyone loves free tools. There's also a lot of free sessions that happen in the business hall.
That we make available to everyone as well. So it's, you know, it's, there's definitely something for everyone. And we've, we've got our, our bricks and picks kind of, you know, fun things on the floor as well. Uh, that's happening at Black Hat Europe that this year, that's a, as the name suggests, it's an area that's a little bit more interactive and focused on two things.
It's lock picking, which our community loves to pick a lock. And then, and secondly, it's Lego and who doesn't love Lego and, and, uh, we've been doing this at a lot of the Black Hat events and they, they, uh, they, they do these sort of collaborative. Builds of large mosaics and Lego and it's a lot of fun. So that's something to check out as well
Marco Ciappelli: He's definitely getting popular again.
It was popular when I was a kid, [00:33:00] but now it's an all different world I mean when I was a kid, it will be the castle now. They're like, you know Star Wars and incredible Engineering going on so I can see the hacking community getting getting excited about that kind of stuff That kind of stuff, for sure.
Well, all of this is going to happen really, really soon. Again, December 9th to the 12th, 2024 at the Excel in London. And, uh, yeah, I guess, Sean, we should make a commitment right here, public, to try to be there. Next year and maybe follow, follow the, follow the Black Hat wagon around and, and that's the plan.
And see how's the plan we can support as, uh, we, we, we love you guys and we love what you do for, for the community and, uh, and bringing always new people to getting interested in this.
Steve Wylie: So yeah, and I like guys, we love what you guys do as well.
Sean Martin: We'll get a chance to chat with a few, few of the folks as well.
Uh, [00:34:00] yeah, that's great. So very good.
Marco Ciappelli: Very good. So best of luck. And for everybody listening, as Sean said, stay tuned because even post event or during the event, we'll try to connect with a few few people, possibly some keynotes and some people that are going to speak there. And, uh, yeah, so stay tuned, subscribe, and, uh, we will bring you what we can even if you're not going to be there.
Or, well, yeah, sure, of course. Not everybody can. And so, for those that cannot, we'll, uh, we'll be your eyes and ears as much as we can. Thank you, Steve. Always a pleasure.
Steve Wylie: Marco and Sean, thanks so much. And I guess Sean, I'll be seeing you very soon and Marco until next time. But always a pleasure speaking with you both.
Sean Martin: Yes. Thank you. And thanks everybody for, uh, catching this episode where there's more coming. Stay tuned on [00:35:00] ITSB magazine.