[
  {
    "start": 0.06,
    "end": 7.74,
    "text": "This episode is provided by Thomas Allgeier and Frennis, based on the most relevant LinkedIn posts about Black Hat Europe, twenty twenty-five."
  },
  {
    "start": 7.82,
    "end": 17.64,
    "text": "Frennis supports ICT enterprises with market and competitive intelligence, decoding emerging technologies, customer insights, regulatory shifts, and competitor strategies."
  },
  {
    "start": 17.96,
    "end": 22.3,
    "text": "So product teams and strategy leaders don't just react, but shape the future."
  },
  {
    "start": 23.26,
    "end": 24.34,
    "text": "Welcome to the Deep Dive."
  },
  {
    "start": 24.72,
    "end": 30.32,
    "text": "This week, we're cutting through all the noise from the huge Black Hat Europe, twenty twenty five conference in London."
  },
  {
    "start": 30.6,
    "end": 31.32,
    "text": "Yeah, there's a lot of"
  },
  {
    "start": 31.38,
    "end": 31.46,
    "text": "it."
  },
  {
    "start": 31.6,
    "end": 32.259,
    "text": "There always is."
  },
  {
    "start": 32.4,
    "end": 37.84,
    "text": "Our goal is to filter out the hype and really deliver the most essential cybersecurity insights directly to you."
  },
  {
    "start": 38.32,
    "end": 40.48,
    "text": "Black Hat is just, it's a technical fire hose."
  },
  {
    "start": 40.64,
    "end": 41.48,
    "text": "It absolutely is."
  },
  {
    "start": 41.68,
    "end": 47.68,
    "text": "And Black Hat Europe, it's unique because it's so focused on operational security, you know, practical innovation."
  },
  {
    "start": 48.06,
    "end": 50.04,
    "text": "It's where researchers show you how they actually break things."
  },
  {
    "start": 50.28,
    "end": 50.48,
    "text": "Right."
  },
  {
    "start": 50.54,
    "end": 52.42,
    "text": "Which is why practitioners pay such close attention."
  },
  {
    "start": 53.12,
    "end": 59.32,
    "text": "So what we're going to do is unpack the key trends we saw across LinkedIn from all the attendees, the researchers, the experts."
  },
  {
    "start": 59.82,
    "end": 61.0,
    "text": "Things that matter right now."
  },
  {
    "start": 61.42,
    "end": 65.22,
    "text": "And we've kind of clustered the highlights into four critical themes that tell a bigger story."
  },
  {
    "start": 65.94,
    "end": 73.18,
    "text": "The central idea we saw really is this shift away from static defense towards something more like dynamic resilience."
  },
  {
    "start": 73.4,
    "end": 74.56,
    "text": "A very important distinction."
  },
  {
    "start": 74.98,
    "end": 75.32,
    "text": "It is."
  },
  {
    "start": 76.0,
    "end": 81.78,
    "text": "And it means we have to look at... First, how AI security is maturing into this agentic revolution."
  },
  {
    "start": 82.26,
    "end": 86.76,
    "text": "Second, what offensive security looks like today across cloud and legacy stuff."
  },
  {
    "start": 86.84,
    "end": 86.88,
    "text": "And"
  },
  {
    "start": 86.92,
    "end": 90.66,
    "text": "the third piece has to be that shift toward organizational resilience."
  },
  {
    "start": 90.74,
    "end": 90.94,
    "text": "Right."
  },
  {
    "start": 91.32,
    "end": 92.16,
    "text": "Better visibility."
  },
  {
    "start": 92.5,
    "end": 92.6,
    "text": "Yeah."
  },
  {
    "start": 92.64,
    "end": 93.66,
    "text": "Hardening the supply chain."
  },
  {
    "start": 93.76,
    "end": 94.16,
    "text": "Exactly."
  },
  {
    "start": 94.26,
    "end": 98.42,
    "text": "And finally, we'll zoom out to the strategic and policy views that are shaping what comes next."
  },
  {
    "start": 98.58,
    "end": 102.72,
    "text": "That narrative that moved from static defense to dynamic resilience."
  },
  {
    "start": 102.9,
    "end": 103.6,
    "text": "That's perfect."
  },
  {
    "start": 104.18,
    "end": 105.8,
    "text": "because it starts right where the industry is going."
  },
  {
    "start": 106.26,
    "end": 106.62,
    "text": "AI."
  },
  {
    "start": 106.8,
    "end": 107.18,
    "text": "Of course."
  },
  {
    "start": 107.48,
    "end": 113.32,
    "text": "I mean, AI security was central, but the conversation has moved so quickly past just, you know, protecting the data or the model."
  },
  {
    "start": 113.98,
    "end": 116.82,
    "text": "We're now talking about securing autonomous systems."
  },
  {
    "start": 117.24,
    "end": 117.82,
    "text": "Agentic"
  },
  {
    "start": 118.1,
    "end": 118.16,
    "text": "AI."
  },
  {
    "start": 118.6,
    "end": 119.54,
    "text": "Agentic AI."
  },
  {
    "start": 119.84,
    "end": 121.64,
    "text": "These are systems that don't just analyze data."
  },
  {
    "start": 122.02,
    "end": 122.66,
    "text": "They act on it."
  },
  {
    "start": 122.84,
    "end": 124.04,
    "text": "They make real world decisions."
  },
  {
    "start": 124.44,
    "end": 128.139,
    "text": "And that kind of operational shift, it demands immediate governance, right?"
  },
  {
    "start": 128.259,
    "end": 128.66,
    "text": "It has to."
  },
  {
    "start": 128.759,
    "end": 134.3,
    "text": "Which is why initiatives like the launch of the OWASP Agentic AI Top Ten were so critical."
  },
  {
    "start": 134.7,
    "end": 137.06,
    "text": "I saw Helen Oakley and others were heavily involved in that."
  },
  {
    "start": 137.24,
    "end": 143.44,
    "text": "Yeah, that gives practitioners a real framework to focus on these new, pretty dangerous vulnerabilities."
  },
  {
    "start": 143.6,
    "end": 143.66,
    "text": "So"
  },
  {
    "start": 143.76,
    "end": 144.52,
    "text": "what's changed?"
  },
  {
    "start": 144.6,
    "end": 145.6,
    "text": "What's the new risk?"
  },
  {
    "start": 145.9,
    "end": 147.96,
    "text": "Well, the whole attack surface has changed."
  },
  {
    "start": 148.38,
    "end": 151.72,
    "text": "We're securing the entire AI stack now, not just the model weights."
  },
  {
    "start": 152.64,
    "end": 158.78,
    "text": "Ron Bitten, PhD, he highlighted how high quality submissions focused on exploitation in production."
  },
  {
    "start": 159.04,
    "end": 159.6,
    "text": "In production?"
  },
  {
    "start": 160.0,
    "end": 160.64,
    "text": "Not in a lab."
  },
  {
    "start": 160.82,
    "end": 161.3,
    "text": "Exactly."
  },
  {
    "start": 161.72,
    "end": 165.46,
    "text": "Including research on how, get this, image downscaling artifacts."
  },
  {
    "start": 165.54,
    "end": 166.46,
    "text": "The little distortions."
  },
  {
    "start": 166.52,
    "end": 166.56,
    "text": "The"
  },
  {
    "start": 166.64,
    "end": 168.48,
    "text": "tiny distortions when you compress an image."
  },
  {
    "start": 168.98,
    "end": 172.08,
    "text": "They can be weaponized to trigger hidden prompts in live systems."
  },
  {
    "start": 172.22,
    "end": 172.62,
    "text": "Wow."
  },
  {
    "start": 173.16,
    "end": 176.22,
    "text": "That's a next level supply chain attack just hiding in plain sight."
  },
  {
    "start": 176.42,
    "end": 176.74,
    "text": "It is."
  },
  {
    "start": 177.12,
    "end": 180.74,
    "text": "And it proves that even simple data processing can open up a new attack vector."
  },
  {
    "start": 181.04,
    "end": 183.34,
    "text": "And the offensive community is already all over this."
  },
  {
    "start": 183.66,
    "end": 190.58,
    "text": "I saw that attendees of the AI red teaming training, like Stefan Metler, were diving deep into multi-agent vulnerabilities."
  },
  {
    "start": 191.02,
    "end": 191.2,
    "text": "Right."
  },
  {
    "start": 191.72,
    "end": 199.1,
    "text": "And when we talk about techniques like Crescendo, GCG, PAIR, and TAP, for anyone listening who isn't deep in the weeds on this."
  },
  {
    "start": 199.22,
    "end": 200.04,
    "text": "Which is most of us."
  },
  {
    "start": 200.28,
    "end": 200.4,
    "text": "These"
  },
  {
    "start": 200.44,
    "end": 201.9,
    "text": "are not simple prompt injections."
  },
  {
    "start": 202.22,
    "end": 206.8,
    "text": "They're sophisticated, often programmatic ways to exploit the agent's internal reasoning."
  },
  {
    "start": 207.54,
    "end": 211.0,
    "text": "You're basically coercing it to bypass its own safety rules."
  },
  {
    "start": 211.08,
    "end": 214.22,
    "text": "So you're exploiting the logic of the agent, not just the code."
  },
  {
    "start": 214.72,
    "end": 215.26,
    "text": "Precisely."
  },
  {
    "start": 215.6,
    "end": 215.72,
    "text": "Yeah."
  },
  {
    "start": 215.86,
    "end": 220.44,
    "text": "And that raises the stakes so much, especially when these things are making autonomous decisions."
  },
  {
    "start": 220.8,
    "end": 225.18,
    "text": "Dennis Belie made a critical point about this, the urgency of securing systems that"
  },
  {
    "start": 225.34,
    "end": 225.62,
    "text": "act."
  },
  {
    "start": 225.82,
    "end": 226.52,
    "text": "What was it he said?"
  },
  {
    "start": 226.7,
    "end": 228.2,
    "text": "His line was just unforgettable."
  },
  {
    "start": 228.46,
    "end": 231.04,
    "text": "LMMs don't fail loudly, they fail confidently."
  },
  {
    "start": 231.38,
    "end": 231.5,
    "text": "Oof,"
  },
  {
    "start": 231.84,
    "end": 232.0,
    "text": "yeah."
  },
  {
    "start": 232.42,
    "end": 239.44,
    "text": "That lack of a clear failure signal when a model makes a catastrophic mistake is just... It's terrifying in an enterprise setting."
  },
  {
    "start": 239.56,
    "end": 239.68,
    "text": "Which"
  },
  {
    "start": 239.74,
    "end": 241.62,
    "text": "is why we have to use AI for defense too."
  },
  {
    "start": 241.96,
    "end": 250.28,
    "text": "I saw a great post from Sharon Kumar and noting that the really cutting-edge AI security tools are hitting the Arsenal stage as open-source projects now."
  },
  {
    "start": 250.54,
    "end": 251.8,
    "text": "A community defense push."
  },
  {
    "start": 252.04,
    "end": 252.58,
    "text": "A huge one."
  },
  {
    "start": 253.0,
    "end": 254.88,
    "text": "Democratizing sophisticated defenses."
  },
  {
    "start": 255.32,
    "end": 260.779,
    "text": "Yeah, we're talking about tools like Harbinger for Mandiant, which is like an AI co-pilot for a red team, helping them work faster."
  },
  {
    "start": 260.98,
    "end": 263.28,
    "text": "Or Threat Shield, such a knockball was showing it off."
  },
  {
    "start": 263.38,
    "end": 266.14,
    "text": "It's an AI-driven threat modeling assistant."
  },
  {
    "start": 266.38,
    "end": 269.7,
    "text": "So designing security in from the start, not bolting it on."
  },
  {
    "start": 269.9,
    "end": 270.32,
    "text": "Exactly."
  },
  {
    "start": 270.42,
    "end": 273.14,
    "text": "And that concept... ties right into the last point on this theme."
  },
  {
    "start": 273.7,
    "end": 278.66,
    "text": "Eduardo Gonzalez-Lanez pointed out a significant shift left in AI security."
  },
  {
    "start": 278.76,
    "end": 278.98,
    "text": "Which means"
  },
  {
    "start": 279.06,
    "end": 279.82,
    "text": "testing earlier?"
  },
  {
    "start": 280.02,
    "end": 280.62,
    "text": "Way earlier."
  },
  {
    "start": 281.3,
    "end": 285.6,
    "text": "Moving assurance into the development life cycle, not waiting to test things in production."
  },
  {
    "start": 285.66,
    "end": 289.26,
    "text": "It's DevSecOps, but for systems that could, you know, go rogue."
  },
  {
    "start": 289.38,
    "end": 292.58,
    "text": "Okay, so that shift left demands proactive testing."
  },
  {
    "start": 292.82,
    "end": 296.2,
    "text": "But where are attackers actually putting that resilience to the test?"
  },
  {
    "start": 296.38,
    "end": 298.5,
    "text": "Ah, well that brings us right to our second theme."
  },
  {
    "start": 299.1,
    "end": 301.02,
    "text": "pure offensive security research."
  },
  {
    "start": 301.22,
    "end": 305.08,
    "text": "Where Black Hat is still the epicenter for breaking things."
  },
  {
    "start": 305.14,
    "end": 305.56,
    "text": "Definitely."
  },
  {
    "start": 305.98,
    "end": 312.64,
    "text": "And the research showed systemic attacks across the board, new cloud stuff, hardware, even deep inside old platforms."
  },
  {
    "start": 312.7,
    "end": 313.28,
    "text": "So where do we start?"
  },
  {
    "start": 313.46,
    "end": 313.78,
    "text": "Cloud."
  },
  {
    "start": 314.04,
    "end": 314.18,
    "text": "Let's"
  },
  {
    "start": 314.22,
    "end": 315.04,
    "text": "start with cloud."
  },
  {
    "start": 315.78,
    "end": 320.92,
    "text": "Cloud-native offense is maturing so quickly because those environments are just so complex."
  },
  {
    "start": 322.02,
    "end": 324.24,
    "text": "Ashita Pandey presented Cube Shadow."
  },
  {
    "start": 324.32,
    "end": 324.54,
    "text": "Cube"
  },
  {
    "start": 324.62,
    "end": 324.92,
    "text": "Shadow."
  },
  {
    "start": 325.58,
    "end": 328.32,
    "text": "It's an advanced offensive Kubernetes red team framework."
  },
  {
    "start": 328.7,
    "end": 333.98,
    "text": "and it's open source now, which tells you attackers are moving way past simple misconfigurations."
  },
  {
    "start": 334.16,
    "end": 334.28,
    "text": "We're"
  },
  {
    "start": 334.34,
    "end": 339.38,
    "text": "talking systematic technical attacks designed to take over containerized environments at scale."
  },
  {
    "start": 339.72,
    "end": 340.06,
    "text": "That's it."
  },
  {
    "start": 340.52,
    "end": 342.14,
    "text": "But it's not all software, is it?"
  },
  {
    "start": 342.18,
    "end": 343.02,
    "text": "No, not at all."
  },
  {
    "start": 343.22,
    "end": 348.24,
    "text": "Physical systems, deep hardware flaws, that's still a huge research area."
  },
  {
    "start": 349.0,
    "end": 354.2,
    "text": "I saw a SOC web or Falknex was focused specifically on payments and card present technology."
  },
  {
    "start": 354.36,
    "end": 354.4,
    "text": "The"
  },
  {
    "start": 354.48,
    "end": 355.7,
    "text": "hardware behind the transaction."
  },
  {
    "start": 355.8,
    "end": 356.56,
    "text": "Exactly."
  },
  {
    "start": 356.6,
    "end": 356.96,
    "text": "Yeah."
  },
  {
    "start": 357.04,
    "end": 358.46,
    "text": "That kind of research is vital."
  },
  {
    "start": 358.78,
    "end": 361.1,
    "text": "One flaw could impact millions of devices."
  },
  {
    "start": 361.18,
    "end": 362.84,
    "text": "And they're making this knowledge more accessible."
  },
  {
    "start": 363.26,
    "end": 365.44,
    "text": "Giorgio's Rumeleo has showcased PumePad."
  },
  {
    "start": 365.82,
    "end": 366.26,
    "text": "What's that?"
  },
  {
    "start": 366.4,
    "end": 366.5,
    "text": "It's"
  },
  {
    "start": 366.54,
    "end": 368.84,
    "text": "an immersive hardware hacking learning platform."
  },
  {
    "start": 369.16,
    "end": 373.5,
    "text": "It covers everything from reverse engineering PCBs to side channel attacks."
  },
  {
    "start": 373.72,
    "end": 375.12,
    "text": "So it's about that knowledge transfer."
  },
  {
    "start": 375.2,
    "end": 377.32,
    "text": "It's still central to the Black Hat ethos."
  },
  {
    "start": 377.46,
    "end": 377.86,
    "text": "Absolutely."
  },
  {
    "start": 378.34,
    "end": 382.26,
    "text": "And while cloud and hardware get the headlines, we can't forget the legacy stacks."
  },
  {
    "start": 382.7,
    "end": 382.94,
    "text": "Right."
  },
  {
    "start": 383.88,
    "end": 386.9,
    "text": "Martin B had a great reminder about the importance of mainframes."
  },
  {
    "start": 387.76,
    "end": 392.16,
    "text": "So many enterprises still run their core financial and logistics processing"
  },
  {
    "start": 392.24,
    "end": 392.52,
    "text": "on them."
  },
  {
    "start": 392.88,
    "end": 395.26,
    "text": "And they're often forgotten in modern security budgets."
  },
  {
    "start": 395.72,
    "end": 400.94,
    "text": "Making them a high value, very low visibility target for a sophisticated actor."
  },
  {
    "start": 401.48,
    "end": 403.32,
    "text": "And that systemic view is crucial."
  },
  {
    "start": 403.98,
    "end": 407.56,
    "text": "Researchers are bringing modern tools to these old corners of the stack."
  },
  {
    "start": 407.94,
    "end": 410.42,
    "text": "For instance, Mohit A. presented Iofhammer."
  },
  {
    "start": 410.6,
    "end": 411.12,
    "text": "A fuzzing"
  },
  {
    "start": 411.2,
    "end": 411.42,
    "text": "tool."
  },
  {
    "start": 411.68,
    "end": 413.7,
    "text": "A lightweight, parameter-centric fuzzing tool."
  },
  {
    "start": 414.42,
    "end": 420.74,
    "text": "For listeners, fuzzing is basically just throwing intelligently crafted garbage at a system to see if it breaks or gives up a vulnerability."
  },
  {
    "start": 421.14,
    "end": 423.2,
    "text": "And this just makes that process way more efficient."
  },
  {
    "start": 423.48,
    "end": 423.96,
    "text": "It does."
  },
  {
    "start": 424.66,
    "end": 428.44,
    "text": "But the sheer volume of vulnerabilities being found is creating its own crisis."
  },
  {
    "start": 428.76,
    "end": 430.52,
    "text": "Which is where Jerry Gamblin's point comes in."
  },
  {
    "start": 430.8,
    "end": 433.68,
    "text": "He was advocating for global CVE decentralization."
  },
  {
    "start": 434.1,
    "end": 438.84,
    "text": "Arguing that our current centralized systems for tracking vulnerabilities just can't keep up."
  },
  {
    "start": 439.34,
    "end": 441.32,
    "text": "It's a systemic problem in how we respond."
  },
  {
    "start": 441.54,
    "end": 449.1,
    "text": "And speaking of what's hidden in the system, one of the most insightful bits of research I saw was noted by James Johnson from his Bitdefender colleagues."
  },
  {
    "start": 449.5,
    "end": 449.7,
    "text": "Okay."
  },
  {
    "start": 450.02,
    "end": 452.58,
    "text": "They showed that encryption is not a security panacea."
  },
  {
    "start": 452.8,
    "end": 453.0,
    "text": "You mean"
  },
  {
    "start": 453.08,
    "end": 453.64,
    "text": "even encrypted"
  },
  {
    "start": 453.68,
    "end": 455.28,
    "text": "traffic can leak information?"
  },
  {
    "start": 455.34,
    "end": 455.34,
    "text": "A"
  },
  {
    "start": 455.44,
    "end": 455.92,
    "text": "lot of it."
  },
  {
    "start": 456.02,
    "end": 458.38,
    "text": "The metadata, the packet size, the timing."
  },
  {
    "start": 459.08,
    "end": 462.56,
    "text": "It can still reveal important details about devices and user behavior."
  },
  {
    "start": 463.16,
    "end": 467.22,
    "text": "Encryption hides the content, but the conversation patterns still tell the story."
  },
  {
    "start": 467.96,
    "end": 473.16,
    "text": "That is exactly the kind of forensic low-level research that makes Black Hat what it is."
  },
  {
    "start": 473.58,
    "end": 480.38,
    "text": "OK, so let's pivot from breaking things to fixing things, the stuff that translates directly into enterprise budgets."
  },
  {
    "start": 480.48,
    "end": 481.34,
    "text": "Our third theme, right?"
  },
  {
    "start": 481.88,
    "end": 482.94,
    "text": "Software supply chain."
  },
  {
    "start": 483.28,
    "end": 485.24,
    "text": "operational resilience and visibility."
  },
  {
    "start": 485.72,
    "end": 486.0,
    "text": "Yes."
  },
  {
    "start": 486.66,
    "end": 490.6,
    "text": "This is all about the practical solutions for what keeps CISOs up at night."
  },
  {
    "start": 491.04,
    "end": 494.16,
    "text": "Supply chain chaos and just drowning in alerts."
  },
  {
    "start": 494.46,
    "end": 498.84,
    "text": "Well, on the supply chain side, the fight against dependency confusion is definitely ramping up."
  },
  {
    "start": 499.1,
    "end": 504.04,
    "text": "Where an attacker tricks your build system into pulling a malicious package instead of a legitimate one."
  },
  {
    "start": 504.12,
    "end": 504.32,
    "text": "Right."
  },
  {
    "start": 504.64,
    "end": 507.3,
    "text": "Harsh Farajah presented a tool called Dep Confuse."
  },
  {
    "start": 507.86,
    "end": 512.7,
    "text": "It's an SBOM-first tool designed to proactively find those vulnerabilities before they get exploited."
  },
  {
    "start": 513.14,
    "end": 514.98,
    "text": "So, from detection to prevention."
  },
  {
    "start": 515.039,
    "end": 519.1,
    "text": "then, I saw Yadu Krishna M. introduced supply shield."
  },
  {
    "start": 519.44,
    "end": 522.52,
    "text": "And that's a CI/CD-native framework that does something really critical."
  },
  {
    "start": 523.179,
    "end": 525.42,
    "text": "It uses EPSS-based prioritization."
  },
  {
    "start": 525.8,
    "end": 527.92,
    "text": "The Exploit Prediction Scoring System."
  },
  {
    "start": 528.16,
    "end": 529.64,
    "text": "Which is a huge improvement."
  },
  {
    "start": 529.92,
    "end": 536.26,
    "text": "It forces dev teams to focus not on the number of vulnerabilities, but on the handful that are actually likely to be exploited."
  },
  {
    "start": 536.46,
    "end": 537.08,
    "text": "Context."
  },
  {
    "start": 537.38,
    "end": 539.34,
    "text": "It's context-driven prioritization."
  },
  {
    "start": 539.48,
    "end": 540.72,
    "text": "Context is everything."
  },
  {
    "start": 541.16,
    "end": 542.96,
    "text": "And the attack surface just keeps expanding."
  },
  {
    "start": 543.3,
    "end": 545.4,
    "text": "Subho Holder demonstrated knock-spy."
  },
  {
    "start": 545.92,
    "end": 546.54,
    "text": "For mobile?"
  },
  {
    "start": 546.66,
    "end": 551.38,
    "text": "Yeah, a technique for real-time API interception in MDM-locked mobile apps."
  },
  {
    "start": 551.72,
    "end": 554.94,
    "text": "So even your tightly managed enterprise phones are still vulnerable."
  },
  {
    "start": 555.14,
    "end": 557.76,
    "text": "And the perimeter's going way beyond logical networks too."
  },
  {
    "start": 558.3,
    "end": 561.76,
    "text": "Robin Wilding Webb highlighted the growing importance of physical security."
  },
  {
    "start": 561.98,
    "end": 564.84,
    "text": "You're talking about distributed acoustic sensing, or DAS."
  },
  {
    "start": 564.94,
    "end": 565.5,
    "text": "Exactly."
  },
  {
    "start": 565.68,
    "end": 572.24,
    "text": "For fiber, pipelines, rail lines, you're basically turning the entire fiber optic cable into a giant microphone."
  },
  {
    "start": 572.32,
    "end": 572.98,
    "text": "Or a tripwire."
  },
  {
    "start": 574.12,
    "end": 576.36,
    "text": "Listening for vibrations that signal tampering."
  },
  {
    "start": 576.7,
    "end": 579.42,
    "text": "It's extending monitoring way beyond the IT layer."
  },
  {
    "start": 579.76,
    "end": 581.44,
    "text": "Which brings us right back to visibility."
  },
  {
    "start": 581.54,
    "end": 584.88,
    "text": "If you're going to monitor everything, you need high fidelity data."
  },
  {
    "start": 585.32,
    "end": 586.5,
    "text": "Austin SM noted this."
  },
  {
    "start": 587.12,
    "end": 593.54,
    "text": "The demos all proved that the quality of your telemetry is directly linked to faster, more confident decisions."
  },
  {
    "start": 594.0,
    "end": 596.16,
    "text": "Bad data means slow response."
  },
  {
    "start": 596.24,
    "end": 597.04,
    "text": "It's alert fatigue."
  },
  {
    "start": 597.24,
    "end": 597.7,
    "text": "It's a mess."
  },
  {
    "start": 598.1,
    "end": 603.02,
    "text": "And that's why there was so much buzz around DSPM, data security posture management."
  },
  {
    "start": 603.08,
    "end": 604.9,
    "text": "Yeah, Alvin Kamara really drove this home."
  },
  {
    "start": 605.28,
    "end": 606.26,
    "text": "Visibility is king."
  },
  {
    "start": 606.56,
    "end": 608.32,
    "text": "You cannot protect data you cannot see."
  },
  {
    "start": 608.5,
    "end": 611.88,
    "text": "DSPM forces you to map and classify your data first."
  },
  {
    "start": 612.14,
    "end": 615.64,
    "text": "Where it is, who has access, it flips the old perimeter model on its head."
  },
  {
    "start": 615.68,
    "end": 617.22,
    "text": "And that all feeds back into the SOC."
  },
  {
    "start": 617.98,
    "end": 627.24,
    "text": "The big NOC coverage supported by people like Liz Pinder and Jessica Bear Oppenheimer, it all highlighted this need for integrated operations for less manual overhead."
  },
  {
    "start": 627.34,
    "end": 627.46,
    "text": "which"
  },
  {
    "start": 627.56,
    "end": 633.58,
    "text": "leads directly to next-gen MDR as Aachenbrand was discussing, fighting automation with smarter automation."
  },
  {
    "start": 633.84,
    "end": 635.94,
    "text": "Okay, so for our final theme, let's pull back."
  },
  {
    "start": 636.0,
    "end": 640.0,
    "text": "Let's look at the broader strategic issues, the things influencing spending and policy."
  },
  {
    "start": 640.26,
    "end": 643.0,
    "text": "I think we have to start with Max Smeets' keynote on ransomware."
  },
  {
    "start": 643.08,
    "end": 643.36,
    "text": "Yes,"
  },
  {
    "start": 644.0,
    "end": 645.04,
    "text": "the trust paradox."
  },
  {
    "start": 645.68,
    "end": 646.34,
    "text": "Exactly."
  },
  {
    "start": 646.76,
    "end": 651.88,
    "text": "For a ransomware payment to even work, the victim has to trust the attacker to delete the data."
  },
  {
    "start": 652.42,
    "end": 653.64,
    "text": "or provide a working key."
  },
  {
    "start": 653.94,
    "end": 654.08,
    "text": "Which"
  },
  {
    "start": 654.16,
    "end": 655.8,
    "text": "is absurd when you think about it."
  },
  {
    "start": 656.14,
    "end": 661.84,
    "text": "And with law enforcement operations like Cronos taking down groups like LockBit, it just reinforces the best advice."
  },
  {
    "start": 661.9,
    "end": 662.4,
    "text": "Don't pay."
  },
  {
    "start": 662.54,
    "end": 663.06,
    "text": "Don't pay."
  },
  {
    "start": 663.54,
    "end": 664.54,
    "text": "break their business model."
  },
  {
    "start": 664.72,
    "end": 667.76,
    "text": "And that message is echoing across the entire financial sector."
  },
  {
    "start": 668.56,
    "end": 674.96,
    "text": "I saw Frank Chinard and Harvey Green noted this critical shift toward integrating fraud and cyber risk management."
  },
  {
    "start": 675.08,
    "end": 677.32,
    "text": "They're realizing it's no longer two separate silos."
  },
  {
    "start": 677.5,
    "end": 677.64,
    "text": "It's"
  },
  {
    "start": 677.96,
    "end": 681.14,
    "text": "one single intertwined battlefield."
  },
  {
    "start": 681.3,
    "end": 682.96,
    "text": "It needs combined leadership."
  },
  {
    "start": 683.34,
    "end": 688.3,
    "text": "And while those threats are immediate, you have things like post-quantum cryptography, PQC, that are looming."
  },
  {
    "start": 688.34,
    "end": 688.8,
    "text": "It's a renderer."
  },
  {
    "start": 688.84,
    "end": 691.2,
    "text": "Panna highlighted that it's not future talk anymore."
  },
  {
    "start": 691.34,
    "end": 694.0,
    "text": "It's a real present opportunity for crypto resilience."
  },
  {
    "start": 694.26,
    "end": 699.52,
    "text": "The time to plan your crypto agility roadmap is now, not when the quantum computers show"
  },
  {
    "start": 699.6,
    "end": 699.68,
    "text": "up."
  },
  {
    "start": 699.86,
    "end": 701.28,
    "text": "And what about on the policy side?"
  },
  {
    "start": 701.52,
    "end": 702.34,
    "text": "Well, Dr."
  },
  {
    "start": 702.46,
    "end": 702.96,
    "text": "Anjuli R.K."
  },
  {
    "start": 703.22,
    "end": 710.22,
    "text": "Shear and Jen Ellis hosted important sessions on UK cyber policy, specifically the Cybersecurity and Resilience Bill, the CSRB."
  },
  {
    "start": 710.8,
    "end": 715.1,
    "text": "giving practitioners a chance to actually influence the details of the legislation."
  },
  {
    "start": 715.24,
    "end": 716.2,
    "text": "Which is so important."
  },
  {
    "start": 716.54,
    "end": 720.78,
    "text": "Bringing that ground level experience into how the compliance requirements are actually written."
  },
  {
    "start": 721.68,
    "end": 724.48,
    "text": "Okay, and finally, we have to touch on the threat actors themselves."
  },
  {
    "start": 724.68,
    "end": 726.5,
    "text": "Their motivations seem to be evolving."
  },
  {
    "start": 726.66,
    "end": 727.92,
    "text": "Yeah, this was fascinating."
  },
  {
    "start": 727.96,
    "end": 731.02,
    "text": "Matthew Pittington highlighted a point from the BBC's Joe Tidy."
  },
  {
    "start": 731.52,
    "end": 737.08,
    "text": "That the biggest, most unpredictable threats aren't always sophisticated nation-states or organized crime."
  },
  {
    "start": 737.26,
    "end": 737.3,
    "text": "No."
  },
  {
    "start": 738.28,
    "end": 741.88,
    "text": "Often, they're teenagers chasing fame and clout on forums."
  },
  {
    "start": 742.34,
    "end": 745.36,
    "text": "Which makes defense inherently less predictable, right?"
  },
  {
    "start": 745.42,
    "end": 745.66,
    "text": "Totally."
  },
  {
    "start": 746.26,
    "end": 751.76,
    "text": "And it means we have to invest in education and early intervention, not just more fear-driven regulation."
  },
  {
    "start": 752.3,
    "end": 754.24,
    "text": "It's a social problem as much as a technical"
  },
  {
    "start": 754.34,
    "end": 754.42,
    "text": "one."
  },
  {
    "start": 754.58,
    "end": 756.56,
    "text": "So when you tie it all together... The recurring"
  },
  {
    "start": 756.64,
    "end": 757.44,
    "text": "themes are pretty clear."
  },
  {
    "start": 757.82,
    "end": 764.14,
    "text": "The maturation of AI security, the persistence of risk in legacy systems, like the Project Brain Fog findings."
  },
  {
    "start": 764.56,
    "end": 770.82,
    "text": "and that big move toward resilience over rigid compliance, which people like Linus women were advocating for."
  },
  {
    "start": 771.26,
    "end": 774.02,
    "text": "It all just confirms that security isn't a destination."
  },
  {
    "start": 774.66,
    "end": 776.72,
    "text": "It's this ongoing, continuous journey."
  },
  {
    "start": 777.18,
    "end": 780.72,
    "text": "It requires practical engagement at every single level of the stack."
  },
  {
    "start": 781.0,
    "end": 785.66,
    "text": "And that leads directly to what I thought was the most provocative takeaway of the whole event."
  },
  {
    "start": 786.22,
    "end": 791.28,
    "text": "It came from Virgil Octavian Tiuka, who was channeling a Key Sands recommendation."
  },
  {
    "start": 791.46,
    "end": 791.96,
    "text": "Okay, what was it?"
  },
  {
    "start": 792.46,
    "end": 798.72,
    "text": "that the security mindset has to fundamentally shift from purely defensive strategies to a monitor-first approach."
  },
  {
    "start": 798.76,
    "end": 799.48,
    "text": "The monitor-first"
  },
  {
    "start": 799.54,
    "end": 799.88,
    "text": "approach."
  },
  {
    "start": 800.1,
    "end": 804.94,
    "text": "The concept is simple, but it's profound, and it integrates every single point we've talked about."
  },
  {
    "start": 805.32,
    "end": 808.46,
    "text": "Assume breach, monitor everything, and respond rapidly."
  },
  {
    "start": 808.76,
    "end": 808.96,
    "text": "Wow."
  },
  {
    "start": 809.22,
    "end": 813.48,
    "text": "So if AI is failing confidently and encrypted traffic is still leaking secrets?"
  },
  {
    "start": 813.54,
    "end": 817.92,
    "text": "And if the threat actor is an unpredictable teenager, you just have to assume your perimeter will fail."
  },
  {
    "start": 818.2,
    "end": 819.44,
    "text": "Visibility and response."
  },
  {
    "start": 819.88,
    "end": 821.12,
    "text": "That's the ultimate defense now."
  },
  {
    "start": 821.56,
    "end": 824.28,
    "text": "If you enjoyed this episode, new episodes drop every two weeks."
  },
  {
    "start": 824.68,
    "end": 834.82,
    "text": "Also check out our other editions on cloud, defense tech, digital products and services, artificial intelligence, ICT and tech insights, sustainability and green ICT, defense tech and health"
  },
  {
    "start": 834.9,
    "end": 835.12,
    "text": "tech."
  },
  {
    "start": 835.62,
    "end": 839.4,
    "text": "Thank you for joining us for this deep dive into Black Hat Europe, twenty twenty five."
  },
  {
    "start": 839.5,
    "end": 842.36,
    "text": "Subscribe to ensure you never miss a deep dive."
  }
]