A Procrastinator’s Guide to Black Hat USA 2024 – and How to Watch Later

It’s Black Hat time again! Las Vegas will once again be the epicenter for the world’s top cybersecurity minds as Black Hat USA 2024 kicks off at the Mandalay Bay Convention Center on Saturday. We’ve got our top picks for must-see sessions – and info on some vital last-minute deadlines, below.

This highly anticipated event, now in its 27th year, is a magnet for security professionals, from ethical hackers and tech innovators to government officials and corporate security leaders.

Running August 3-8, Black Hat promises more than 100 advanced research briefings, 120-plus engaging discussion sessions, and a plethora of open-source tool demonstrations. And the speaker lineup includes cybersecurity luminaries like CISA director Jen Easterly and Microsoft’s deputy CISO Ann Johnson, who will share their insights on the evolving threat landscape and innovative defense strategies.

Accelerate IT ops and security incident response tasks on a single platform—and in real time—before threats spread across your network.

A big draw to the conference is the Arsenal, a collection of interactive labs and hands-on workshops designed to provide participants with practical experience in tackling real-world security challenges. Black Hat Arsenal (held August 7 and 8) will also showcase the latest open-source tools, offering a glimpse into the cutting-edge technologies shaping the future of cybersecurity.

Other key activities include cybersecurity trainings (August 3 – August 6), security topic briefings (August 7 and 8), vendor networking in the Business Hall (August 7 and 8), and info-packed issue sessions (August 7 and 8) – see our five can’t-miss choices below.

For those unable to attend in person, Black Hat continues to offer robust virtual access. Last year’s hybrid format saw a record-breaking number of participants – more than 22,750 unique attendees, with nearly 20,000 on-site and 3,000-plus who registered for on-demand access. Virtual access ensures that whether you’re on the ground in Vegas or tuning in from home, you won’t miss a moment of the action. And it’s a great last-minute option for procrastinators (we know you’re out there). Just be aware that even that deadline is now upon us.

Last-minute deadlines for Black Hat USA 2024

DEADLINES FOR IN-PERSON ACCESS:

• August 2 (for “late” registration done online); $3,099: This includes access to all in-person briefings, Arsenal demos, Business Hall activities and sessions, and more. This pass also gives you access to the range of conference content that will be available online August 16 – September 16, 2024.
• August 8 (for on-site registration); $3,299: This includes access to any of the above events still to come and virtual recordings.

DEADLINES FOR ON-DEMAND ACCESS:

• August 2 (if you register online); $1,659: This includes all recorded briefings, Arsenal presentations, Business Hall activities and sessions, starting one week after the live event and running until September 16.
• August 8 (if you roll up and register on-site); $1,769: Same as the above.

5 can’t-miss sessions at Black Hat USA 2024

For more details on virtual access and to register, visit the Black Hat website here. Then be sure to check out these five sessions on vital issues for enterprise leaders and security pros.

1. THE ISSUE – CISO survival tactics

• What: Skirting the Tornado: Essential Strategies for CISOs to Sidestep Government Fallout in the Wake of Major Cyberattacks
• When: Wednesday, August 7, 3:20 p.m. – 4 p.m. PT
• Who: Jess Nall, partner at Baker McKenzie, LLP

Legal eagle Nall addresses the increasingly complex landscape CISOs have to navigate after a significant cyber incident. The session is particularly attention-grabbing due to its focus on avoiding governmental repercussions post-cyberattack, at a time of intensifying regulatory scrutiny.

Attendees will gain practical strategies to not only mitigate damage but also proactively manage the fallout, ensuring IT compliance and maintaining stakeholder trust. For CISOs looking to enhance their crisis management toolkit, this briefing is an unmissable opportunity to learn from the best in the field.

[Read also: Our one-on-one with renowned attorney Jess Nall offers a sneak peek at her upcoming session and tips for CISOs as regulatory pressures rise]

2. THE ISSUE – AI / ML

• What: From HAL to HALT: Thwarting Skynet & Siblings in the GenAI Coding Era
• When: Wednesday, August 7, 1:30 p.m. – 2:10 p.m. PT
• Who: Chris Wysopal, CTO and co-founder, Veracode

This session dives into the pressing issue of securing AI-driven systems, an area gaining critical importance as AI technologies become increasingly sophisticated and integrated into everyday operations.

Wysopal’s compelling primary focus is on the real-world implications of AI vulnerabilities. By examining potential threats posed by advanced AI systems, akin to the fictional Skynet, he aims to equip attendees with practical strategies to prevent and mitigate AI-driven attacks. The discussion will offer a deep dive into the challenges and solutions in this rapidly evolving field.

[Read also: Our exclusive sit-down with security expert Chris Wysopal on his upcoming session and why ignoring vulnerable code is actually not so crazy]

3. THE ISSUE – Cyber Insurance

• What: Moral Hazards and Ethical Considerations in Cyber-Insurance
• When: Wednesday, August 7, 4:20 p.m. – 5 p.m. PT
• Who: Lindsay Nickle, partner and vice chair of Cybersecurity and Data Privacy at Constangy, Brooks, Smith & Prophete, LLP

Delve into the evolving world of cyber insurance with this expert panel discussing pivotal areas of risk transference and the latest trends in the field.

The panel will focus on the ethical dilemmas faced by organizations, such as the balance between comprehensive coverage and incentivizing robust cybersecurity practices. Attendees will also learn about the evolving landscape of cyber insurance claims and how ethical considerations are influencing underwriting decisions and premium adjustments.

[Read also: Here’s how Tanium’s risk assessment solution eases the burden on your underwriting (and boosts confidence with carriers)]

4. THE ISSUE – Threat Hunting & Incident Response

• What: In Defense of Facts: Setting Standards Against Information Threats
• When: Thursday, August 8, 10:20 a.m. – 11 a.m. PT
• Who: Lester Godsey, CISO of Maricopa County, Texas

A must-attend for cybersecurity professionals, policymakers, and anyone involved in information management, this session aims to provide a comprehensive understanding of the current challenges and innovative solutions in the fight against deepfakes and other information threats.

After responding to a massive onslaught of mis/dis/malinformation in his county, Godsey now advocates for robust common standards to defend against information threats. Participants will gain insights into the latest methodologies for detecting and neutralizing disinformation, the role of technology in safeguarding facts, and the ethical considerations involved in these efforts. The session promises to equip attendees with practical tools and strategies to protect the integrity of information in an ever-more-complex digital landscape.

[Read also: Why businesses big and small (and every other org) can no longer ignore mis- or dis- or malinformation]

5. THE ISSUE – Ransomware reconnaissance

• What: Relationships Matter: Reconstructing the Organizational and Social Structure of a Ransomware Gang
• When: Wednesday, August 7, 2:30 p.m. – 3 p.m. PT
• Who: Dalya Manatova, Ph.D. student at Indiana University, and L. Jean Camp, professor at Indiana University

How does “organized” cybercrime get so organized? Based on extensive analysis of chat logs leaked from a notorious ransomware group, the speakers discuss the human element of cybercrime. Attendees will learn how personal relationships and organizational structures within these gangs influence their effectiveness and resilience. The session will also cover innovative techniques for mapping and analyzing these networks, providing a comprehensive understanding of how to combat ransomware from a sociotechnical perspective.

For those looking to deepen their knowledge of cybercrime and enhance their strategies against ransomware, this briefing offers valuable, actionable insights from two leading experts in the field.

[Read also: Here’s how autonomous incident response more effectively disrupts cyberattacks and remediates endpoints]

TANIUM AT BLACK HAT USA 2024 – Booth 2550

Tanium (which publishes this magazine) will be hosting a variety of quick-hit (because we know you’re busy) content presentations and short demos at Black Hat USA.

Look for Booth 2550, where you will get up-to-the-minute info on the latest developments in the Tanium platform and Tanium solutions, including:

• XEM and autonomous endpoint management (AEM)
• Guardian
• Vulnerability management
• Incident response
• Microsoft Copilot for Security with Tanium
• Tanium security options with ServiceNow