

The state of IT security at Las Vegas conferences

Wendy Nather is Research Director within 451 Research’s Enterprise Security Program, providing analysis on the current state of security from the perspective of a veteran CISO. Wendy posted some thoughts in the lead-up to the Black Hat, DEF CON, and B-Sides conferences happening next week in Las Vegas. Below is a short excerpt of some themes that she observed when looking at the session topics.

You can view the full report at and logging in here: The state of security in Vegas: suits, spooks and sprogs

Common security presentation themes by Wendy Nather:

*Hacking all of the things: Many presentations have spun off this year into non-server targets. Popular areas for security talks will be embedded systems, medical devices, cars, home devices, smart TVs, point-of-sale systems and SCADA systems, along with the usual wireless. There are even talks about hacking mainframes, which goes to show that legacy systems are still relevant.

*Mobile security is still a Thing, although the number of iOS, BlackBerry and Android talks in each conference has decreased quite a bit from previous years. This doesn’t mean that nobody is working on mobile exploits – it probably just indicates a bit of fatigue on the part of conference committee members. We will still see mobile protection being featured in the vendor booths wherever possible.

*Cryptography appears to be a hot topic, particularly as it pertains to the use by and against the government. Password security in particular will appear in talks, as numerous attacks in recent times have involved the compromise of non-encrypted passwords. (*Source: 451 Research MIS Spotlight)

Be careful what you say to this audience

Wendy Nather makes an interesting comment near the end of her report. “Nobody is willing to go out on a limb and stand up in front of thousands of hackers to say, ‘We’re doing a good job, and you can, too.’ And this leaves a wide gap between solution providers and end users, with the people who like to break things standing in the middle.”

The team at NopSec is proud to be a sponsor of Black Hat 2013 and we very much look forward to interactions at our booth #121 in the expo hall. You might also be interested in Michelangelo Sidagni’s blog post on briefings that help him define tomorrow’s information security landscape, “Recommended sessions at Black Hat 2013 conference”.
