What security pros need to know from Black Hat & Def Con 2019

Black Hat and Def Con came and went as quickly as it ever does. The week-long pair of back-to-back conferences, referred to as “hacker summer camp,” draws in the security crowd from across the world onto Las Vegas, where startups tout their technologies as hackers and researchers reveal their findings.

This year we saw ordinary-looking charging cables that can hack your computer, we found out that cloud backups are easily exposed, robocall blocking apps aren’t as privacy-focused as you might think, and your corporate VPN and office printer are targets for hackers (and if they fail there they’ll just ship a hardware exploit to your mailroom.) Even students can easily hack their own school systems.

The obvious takeaways might be to never plug anything into your computer and that all your data is already ‘pwned’.

But what does that all mean to the average security professional, let alone the CISO at the top of the corporate chain? Between the villages and the many speaker tracks — not to mention the darting between hotels — it’s tough to know exactly what we should take away from the shows.

We spoke to four security experts who were there and asked them what their primary takeaways were for security decision-makers.

Internet of Things is a risk factor