Following a continental breakfast, participants gathered in the Augustus Ballroom for the opening remarks from BlackHat founder Jeff Moss, who discussed trends in IT security and the changes in the security landscape since the first annual conference back in the 1990s. Then keynote speaker Ambassador Cofer Black took the stage. Black spent 28 years in the CIA and told the story of the U.S. government's inabiity to come to terms with the compelling evidence of what was to come on September 11, 2001, despite his own and others' predictions that a major attack was coming.
He discussed the importance of validation of threat and attack, and how -- once the crisis actually occurred -- suddenly all the obstacles his group had faced before (lack of funding, personnel and other resources) magically dropped away as everyone came together to respond to the now-validated threat. Next he tied this all into the purpose of this conference, and explained that, today, cyber attack has joined chemical, nuclear/radiological and bacteriological as the top threats for which the intelligence and counterterrorism communities are preparing.
Near the end of his talk, whether by eery coincidence, a planned part of the presentation, or the action of hacker(s) in attendance, civil-defense style alarm sirens began sounding throughout the hotel's conference center (not confined to the room), followed by stilted announcements advising that "the alarm you are hearing is under investigation" and admonitions to "remain calm." Whatever the origin of the alarm (which ended after perhaps ten minutes with instruction to "return to your normal activities," it seemed a fitting conclusion to the keynote, and got everyone revved up for the sessions to follow.
Debra Littlejohn Shinder, MCSE, MVP is a technology consultant, trainer, and writer who has authored a number of books on computer operating systems, networking, and security. Deb is a tech editor, developmental editor, and contributor to over 20 additional books on subjects such as the Windows 2000 and Windows 2003 MCSE exams, CompTIA Security+ exam, and TruSecure's ICSA certification.