5 Key Takeaways from SecTor 2023

Whether you attended SecTor 2023 or couldn’t make it, we wanted to use today’s blog to showcase 5 key takeaways from the event, along with the trends to keep an eye out for as we enter 2024.

1. The Rise in Open-Source Vulnerabilities 

Did you know? According to Synopsys researchers, at least one open-source vulnerability was found in 84% of code bases. The vulnerability data was included in Synopsys' 2023 Open Source Security and Risk Analysis (OSSRA) report on 2022 data. Since most software applications rely on open-source code, this is still a significant cybersecurity issue.

The report noted: “Open source was in nearly everything we examined this year; it made up the majority of the code bases across industries,” adding that the code bases contained troublingly high numbers of known vulnerabilities that organizations had failed to patch, leaving them vulnerable to exploits. All code bases examined from companies in the aerospace, aviation, automotive, transportation, and logistics sectors contained some open source code, with open source code making up 73% of total code.

2. Generative AI Prominence in 2023 and Beyond

Generative AI was a major topic of discussion throughout Black Hat beginning in 2022, and is showing no signs of slowing down in 2023 and beyond.

SecTor 2022’s opening keynote speaker highlighted the “potential benefits and risks associated with the democratization” of AI and announced DARPA’s AI Cyber Challenge, a two-year competition to develop AI-powered security tools.

Continuing this discussion at this year’s SecTor event, vendors highlighted how AI, generative AI, and large language models would soon change the everyday work of security practitioners, and attendees dug into how close vendors were to making these visions reality.

3. Integration Gaps in Security Programs and Vendor Offerings

Technologies are growing more dependent on contextual information because of increased complexity in digital estates, identity roles, and other programs and systems also used by the organization.

Siloed technologies not only inconvenience security teams but can also increase risk by causing gaps in visibility and action potential. One example is an alerting system that does not tie into the location where an action is needed, such as resetting a password or disrupting a connection.

Moreover, isolated data also hampers investigations and decision-making timelines, which plays heavily into post-initial-access vulnerabilities. This inspired our upcoming webinar: on November 28th from 1:00 PM to 1:45 PM ET, Packetlabs’ Team Lead of Offensive Security, Ian Lin, will break down 2023’s top 5 cybersecurity vulnerabilities post initial access.

He’ll be joined by our moderator, Packetlabs’ Lead Researcher and Offensive Security expert Ahmad Alsabagh. Together, our live panel will answer your burning questions about these vulnerabilities, outline the havoc they’re wreaking on organizations like yours and, of course, provide step-by-steps on how you can start tackling them ASAP.

4. The Emphasis on Cybersecurity Awareness Training

While AI and automation can identify and respond to attacks at machine speed, they cannot be the only approach to establishing a layered cyber security posture. Security awareness training is crucial, though current policies often neglect the reality of human nature.  

Teaching habitual actions, especially when questioning a trusted relationship that employees depend on daily (e.g., their email service), is complicated and will likely never fully bridge the gap between understanding and action. Training is often aimed at having humans recognize red flags for specific scenarios, but assessments of danger are rarely cut and dried where human psychology is concerned.

Similarly, training tends to be quarterly or yearly, when psychologically, it takes continuous input, on a weekly if not daily basis, to form habits.

5. Cloud Security (and Rethinking Access Management)

Identity and access management is still a huge challenge for organizations, despite the numerous pushes toward cloud infrastructure and third-party tools to help manage this process. 

As more organizations implement either first- or third-party AI technologies, which include autonomous agents, the difficulty of identity and access management will only increase given the complexity of classifying these agents and determining their permissions, especially if these agents then grant permissions to other entities within the organization.

Conclusion

Ready to start integrating SecTor 2023’s takeaways into your organization’s cybersecurity strategy?

Book a meeting with our team today to discuss how our professional pentesters can help. 
