After Defcon founder Jeff Moss' announcement that Feds should skip Defcon rocked global headlines and triggered...
blowback from companies like Secure Ideas -- which wasted no time taking to the blogosphere to announce they'd skip it too -- we wondered about Black Hat's stance on the issue. So we quickly asked Trey Ford, general manager of Black Hat, for his take on it, and also asked Greg Young, Gartner research vice president and lead analyst for network security, for his insight about potential long-term impacts for the security industry.
Feds from the United States and abroad are welcome.
general manager, Black Hat
How does Black Hat feel about Feds attending the show this year?
Trey Ford: Feds, from the United States and abroad, are welcome and will be attending. In addition to General Alexander, we're also welcoming the CISO of the FBI as a speaker this year. Black Hat's mission is to cultivate the conversations and relationships between our communities that will in turn help define and defend the future of security.
Do you think 2013 Black Hat conference attendees are uncomfortable about the relationship with Feds?
Ford: The general tone between those groups has probably improved over the years. Snowden's Prism leak didn't give us something new to fear -- we know our spy agencies are spying. What happened is that we got some insight into how they're doing it and how far they've taken it. We all have some kind of feelings about that, but we want to see the Feds at the Black Hat conference. They need to be brought back into the conversation.
What long-term impact will this message to Feds have on the security industry?
Greg Young: It's an interesting development, which I think speaks to more friction between the overlapping communities of vulnerability research and its associated communities because of recent revelations about the NSA.
There's a material interest in selling to the government for many security companies, so that really makes this an uncomfortable issue. I expect the contortions to continue as companies decide how to react to this now that they're being dragged into it. The posture they take is going to stay with them -- yet I suspect any company that's involved in security must have a strategy to deal with this.
The upcoming 2013 Black Hat conference is being held in Las Vegas, Nevada, July 27 to Aug. 1, 2013.