BlackHat Asia 2017

Posted on 12/04/2017 by Jay Banghar


For technical, up to date and general global security information, the BlackHat event series can be largely regarded as a thought - leader. The BlackHat event series had given attendees up-to-date knowledge in security research, development and trends, in a vendor neutral environment. So when I heard that BlackHat was coming to Singapore, I definitely had to make myself available - I couldn’t wait to learn more about the current industry status in Asia.

Held at the renowned Marina Bay Sands over a period of 4 days, there was a wide array of MNCs to SMEs booths specialising in various advanced security technologies on display.

I found it interesting to note that these companies (or vendors) were competing against one another in different ways. One of which was being the booth itself with animated storyboards, walking robots and mascots, which really catches the eye.

There were some noteworthy company booths which clearly showcased the next - generation endpoint protection, threat intelligence and response services. For instance, putting together algorithmic intelligence and machine learning, a hacker’s mindset or perspective is understood and this helps in being predictive against threats.

Application Security rising

It is evident that with the rising endpoint attacks these days, Application Security, or the practice of taking measures throughout the application’s lifecycle to prevent gaps in security, has become increasingly important. There were many leading service providers in Application Security with sophisticated high - end platforms. There were very fascinating concepts showcased; for instance there was the 3rd generation Application Security testing based on a hybrid model. This meant that not only did this technology included Automated and Human-Augmented Web Vulnerability Scanning (which were 1st and 2nd gen respectively), but it combined Human Intelligence and Machine Learning technology as well. I observed that some of the companies with these extremely advanced and leading technologies had an established overseas presence and were seeking to raise their profile in Singapore.

Skills shortage

After interactions with several individuals and companies at the event, there was one thing that became evident - As much as Cybersecurity is constantly in the spotlight today, there was quite a significant skills shortage in the industry worldwide, and skills such as Application Security were very high in demand. It got me wondering as to why this could be the case, especially in many advanced parts of the world.

Challenge in finding skilled Cybersecurity professionals

One of the sentiments echoed by many at BlackHat was that there was a challenge in finding skilled Cybersecurity professionals, who come with combined broad technical skills with specific security expertise and as well as an understanding of business risk. This was to a certain extent a result of a lack of adequate training. Most companies preferred at least a bachelor’s degree in a relevant technical area, however this was a conflicting view. It was noticeable from the professionals themselves that this requirement seemed superficial, despite its usefulness - things such as hands-on experience, hacking competitions and certifications ranked higher amongst them in terms of building up cybersecurity skills.

Cybersecurity technologies could be easily automated or outsourced

Another point that was shared unanimously was that Cybersecurity technologies could be easily automated or outsourced. This could then be a potential solution to skills shortage. Ultimately, I do believe that organisations and governments have an important part to play in the Cybersecurity industry. The amount and growth of Cybersecurity spending is largely related to how the organisation or country prioritises it as a whole. They would then serve as examples for others to emulate, such as in recruitment and developmental research.

What do you think? Share your thoughts around Cybersecurity. Call us! 

+65 6589 8787