Black Hat 2011 update: Keynote address complete with sirens

Deb Shinder kicks off the news from Black Hat 2011 with a report from the keynote address and a mysterious series of alarms at the conference center.
A hoard of hackers descended on Caesar's Palace this morning, along with a variety of security researchers, government agents, more generic IT professionals, and members of the tech press. The lines to register wound down the long hallways and around corners; according to the keynote intro, some 8500 people are in attendance, from countries around the world.

Following a continental breakfast, participants gathered in the Augustus Ballroom for the opening remarks from BlackHat founder Jeff Moss, who discussed trends in IT security and the changes in the security landscape since the first annual conference back in the 1990s. Then keynote speaker Ambassador Cofer Black took the stage. Black spent 28 years in the CIA and told the story of the U.S. government's inabiity to come to terms with the compelling evidence of what was to come on September 11, 2001, despite his own and others' predictions that a major attack was coming.

He discussed the importance of validation of threat and attack, and how -- once the crisis actually occurred -- suddenly all the obstacles his group had faced before (lack of funding, personnel and other resources) magically dropped away as everyone came together to respond to the now-validated threat. Next he tied this all into the purpose of this conference, and explained that, today, cyber attack has joined chemical, nuclear/radiological and bacteriological as the top threats for which the intelligence and counterterrorism communities are preparing.

Near the end of his talk, whether by eery coincidence, a planned part of the presentation, or the action of hacker(s) in attendance, civil-defense style alarm sirens began sounding throughout the hotel's conference center (not confined to the room), followed by stilted announcements advising that "the alarm you are hearing is under investigation" and admonitions to "remain calm." Whatever the origin of the alarm (which ended after perhaps ten minutes with instruction to "return to your normal activities," it seemed a fitting conclusion to the keynote, and got everyone revved up for the sessions to follow.


Debra Littlejohn Shinder, MCSE, MVP is a technology consultant, trainer, and writer who has authored a number of books on computer operating systems, networking, and security. Deb is a tech editor, developmental editor, and contributor to over 20 add...


Ambassador Cofer Black gave a clear example of the attitude of governments and businesses. "Unless you can prove the risk we will not spend to prevent it." That perhaps means that those of us who have been in the business a while, are not convincing enough with our risk assessments, or perhaps want to spend too much to prevent the damage. When we look at risk in our personal lives we make judgements or how to deal with potential risks. We insure against some, we put in better locks, we may put up bars and sometimes we choose to accept the risk because the cost of mitigating them is higher than the damage cost. I, for instance insure my house and car but choose not to insure against breakdown of my car. I prefer to ensure that proper maintenance minimises the risk of needing to call on such a service, so far it has proved to be the most economic option. Now I am retired and confine my help to silver surfers, when it comes to cyber risks I practice and teach common sense and the use of basic "locks". AV and firewalls, strong and different passwords in a four level password strategy (see for some good examples) and most important - read what it says on the screen. Perhaps the way forward to make sure that we are careful not to exaggerate the risks but clearly present the potential damage costs.

Editor's Picks