Black Hat USA: Former CISA Director Says Cybercrime to Get a Lot Worse Before Better

Black Hat attendance is back to pre-pandemic levels.

Edward Gately, Senior News Editor

August 11, 2022

9 Slides
Chris Krebs

Former Cybersecurity and Infrastructure Agency (CISA) director Chris Krebs says when it comes to cybercrime, things are going to get a lot worse before they get better.

Krebs was the keynote speaker on the first day of Black Hat USA 2022. The event, which marks the 25th year for Black Hat USA, has drawn attendees from 111 countries. The event is back to pre-pandemic levels with tens of thousands of attendees.

In his keynote, Krebs focused on three questions when it comes to cybercrime: “Why is it so bad right now? What do you mean it’s going to get worse? And what are we able to do to contribute to solve the problems in front of us?”

“There are four main reasons why it’s so bad,” he said “That’s the technology, bad actors, the government and us as people.”

Regarding technology, the business benefits of insecure products outweighs those of secure products, the former CISA director said.

“Businesses are focused on efficiency,” he said. “They see us as slowing them down. Security is seen as a friction.”

In addition to the ever-proliferation of insecure products is increasing complexity, particularly in the cloud, Krebs said.

Some Good News

Krebs said there is some good news. “We have a vibrant, robust ecosystem, and vendors are addressing some of the underlying vulnerabilities,” he said. But it’s not enough.

In terms of attack surface, there are opportunities for the bad guys to come in and get what they want, he said.

“Over the last couple of years, the biggest falling down of government and industry is ransomware,” Krebs said. “The bad guys figured out how to monetize vulnerabilities.”

If you’re on the internet or email, you’re “on the playing field” for cybercriminals, he said.

“The threat actors at the top understand the shifts in our business,” Krebs said. “They understand we’re making things more complex, relying on software updates. Companies that are shipping products are the target. If you’re hosting, you’re the target.”

And adversaries are targeting the supply chain because that’s where the access is, he said.

Scroll through our slideshow above for more from Krebs and more from Black Hat.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.

Read more about:

MSPsVARs/SIsChannel Research

About the Author

Edward Gately

Edward Gately

Senior News Editor, Channel Futures

As senior news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

See more from Edward Gately
Free Newsletters for the Channel
Register for Your Free Newsletter Now
Subscribe

You May Also Like

Galleries
See all
Mar 24 - Mar 27, 2025
The Channel Partners Conference & Expo, co-located with MSP Summit, is the gathering place for the technology services community. Agents, VARs, MSPs, integrators and service providers will converge to share ideas and drive discussion on the topics shaping our industry.
REGISTER NOW