Black Hat MEA 2024 Kicks Off in Riyadh Welcoming 40,000+ Cybersecurity Experts
The largest cybersecurity show by floorspace, Black Hat MEA 2024, is formally opened by the chairman of the Saudi Federation for Cybersecurity.
The highly anticipated Black Hat MEA 2024 kicked off today in Saudi Arabia, achieving a global milestone as the largest cybersecurity expo by space. With an expansive exhibition floor covering over 53,000 square meters, the event sets a new standard for cybersecurity conferences worldwide.
Event Details: A Three-Day Cybersecurity Extravaganza
Held from November 26-28 at the Riyadh Exhibition and Convention Centre in Malham, Black Hat MEA promises to be an exciting three-day event. The opening ceremony featured an Executive Summit, which explored some of the most pressing issues in the cybersecurity realm today. Topics included the transformative influence of AI on cybersecurity, the rapidly evolving threat landscape, and even the challenges of securing outer space from cyberattacks.
Inaugural Speech by His Excellency Eng. Faisal Al-Khamisi
The official inauguration of the event was conducted by His Excellency Eng. Faisal Al-Khamisi, Chairman of the Saudi Federation for Cybersecurity, Programming & Drones. In his address, Al-Khamisi highlighted the event’s growing significance and the critical role it plays in advancing the cybersecurity industry, both regionally and globally.
“We take great pride in announcing that Black Hat MEA has officially become the world’s largest cybersecurity event by area, reflecting its remarkable growth and global stature,” he said. “Four years ago, we demonstrated the readiness of the Saudi market with the inaugural edition, and by Black Hat MEA 2023, it had grown to become the most-attended cybersecurity event globally. Over the next three days, attendees will experience a truly unique event featuring more than 350 speakers, 450 exhibiting companies, and participation in 10 diverse features.”
Setting New Standards in Cybersecurity Innovation
Black Hat MEA 2024 aims to redefine the future of cybersecurity, fostering innovation, collaboration, and knowledge exchange. The event is expected to set new benchmarks for the cybersecurity community across the globe, offering a platform for thought leadership and networking.
Unveiling New Trends in Cybersecurity
The Executive Summit kicked off with a session led by Kirsten Davies, Founder and CEO of the Institute for Cyber Civics. Her presentation, titled ‘Guarding the Ballot,’ examined the efforts made to secure voting systems amidst growing cybersecurity threats. Despite significant advancements, Davies pointed out that election security remains a critical concern, with frequent cybersecurity headlines focusing on vulnerabilities in digital ballots.
“We had issues in software systems with duplication ballots, where the registrations hadn’t been cleaned up before election day, meaning there were people voting who shouldn't have been eligible to,” she said. “In some states, there were even cases where thousands of votes had no signatures or ID attached to them.
“As an industry, we are charged with protecting the most sensitive and critical data, and even in the most sacred parts of our governments and election processes, we need to be unafraid to look where the gaps are, where we should be doing risk analysis. With the adoption of artificial intelligence in its many forms, we could see the use of blockchain when it comes to voting, whether we want to transition to a fully digital platform or use mobile phone face scans to verify the ID of said voter.”
Interplay of AI, Cyber Threats, and Digital Resilience
Gary Hayslip, CISO at Softbank Advisors, took to the stage next, offering a deep dive into the complexities of cybersecurity. In his session, he emphasized the need for organizations to understand their purpose, data usage, and relationships with stakeholders in order to create resilient security programs. Drawing from his extensive experience across various roles—ranging from the US Navy to Softbank Investment Advisors—Hayslip discussed how different organizations can adapt their security frameworks to suit their unique cultures and operational needs.
“When I left the federal government and joined the city of San Diego as their first CISO, what was unique in this environment was the sheer scale of smart city projects and networks sprawling across the city, supplying services to over four million citizens,” Hayslip said. “When I first started, no one had any idea what a framework or system was, but they just knew they needed someone to manage everything.
“Even though we were handling things such as credit card transactions, what I learned pretty quickly was that it was all about relationships. Many of the stakeholders had known each other for years, so it was extremely important for me to take – what I call – the ‘fish taco’ approach, which is to invite them for lunch and get an understanding of their needs. I faced a lot of pushbacks, but occasionally, I would find someone who would be willing to take my help and do a project together, finding my champions. Once you do a few assessments around baseline risk and results start to show, that’s when things start to happen, and the net gets cast wider.”
Examining the Dangers of Deepfakes and Malicious AI
A particularly chilling session featured Bilal Baig, Technical Director for Trend Micro in the Mediterranean, Middle East, and Africa. Baig explored the alarming rise of deepfakes and their potential use as tools for malicious AI attacks. He questioned how society can keep up with the exponential growth of data and AI systems, given the complexity of tracking and securing digital content in an increasingly interconnected world.
“The current threat landscape can be divided into three factors: Ransomware, data theft, and phishing. We have platforms such as YouTube, which are the perfect places for bad actors to use AI programs to scan the faces of a CEO or Chief Legal Officer [CLO] in videos, which are then used as tools to gain valuable company information,” said Baig.
“We have seen instances where a targeted email is sent to an employee requesting a Zoom call with the CEO and CLO, and the deepfake video is played during the call requesting the employee to upload sensitive financial company information ahead of a last-minute and important meeting with a client or government partner. To the untrained eye, it is hard to tell the difference, and these types of attacks work all the time.”
Securing Space: A New Frontier for Cybersecurity
On Day One of Black Hat MEA, cybersecurity expert Umar Khan took centre stage to address the vulnerabilities in space exploration. As Chief Information Officer at Relativity Space, Khan shared his experience in working with industry leaders like SpaceX and MaxLinear. He highlighted the increasing reliance on commercial parts and open-source software in space technology, which, while promoting innovation, also exposes satellites and rockets to new cybersecurity risks. Khan discussed how these new attack vectors are being exploited by malicious actors and stressed the need for more robust cybersecurity measures in the aerospace industry.
“Satellites are no longer these mysterious black boxes,” Khan said. “Many are built with components we already know, such as smartphone processors and Linux operating systems. This makes it easier than ever for attackers to exploit weaknesses in the software and hardware. The rise of low-cost ground station technology means anyone with a US$35 software-defined radio and an internet connection can potentially eavesdrop on satellite communications or even take control of a spacecraft.”
Khan emphasised the critical need for secure-by-design principles in space systems, frequent vulnerability assessment, and strong incident response plans as he wrapped up his presentation with a call to action for the cybersecurity community.
“The resounding success of the first day of Black Hat MEA has surpassed all expectations. The energy, innovation, and collaboration on display have set a powerful tone for the days ahead,” said Annabelle Mander, Senior Vice President of Tahaluf. “It’s enlightening to see industry leaders, experts, and enthusiasts come together to address today’s most pressing cybersecurity challenges while shaping the future of digital resilience. This is more than an event – it’s a movement towards a safer, more connected world."
Comments