Black Hat USA 2024 takeaways for data security and IAM
Black Hat USA 2024 showcased recurring themes of data security and IAM, encompassing the platform vs. point product debate, cleaning identity data and GenAI security.
Black Hat USA 2024 brought about 20,000 security practitioners, professionals and vendors to Las Vegas for a week of knowledge sharing and socializing. Let me highlight a few themes relating to data security and identity and access management, or IAM, that were woven throughout the week.
Platform vs. point products: The saga continues
The cybersecurity industry has a perennial debate around platforms vs. point products, but the reality is that it isn't an either-or; it's both. Platforms provide efficiency by consolidating functions, particularly around mature technologies, and having a single point of contact for support avoids finger-pointing among vendors. Security teams do not enjoy pivoting between consoles or maintaining a diverse tool set, so platforms continue to grow and evolve with players like CrowdStrike, Palo Alto Networks, Tenable, Trend Micro and startup Wiz leading the charge.
The flip side of the coin is emerging risks or areas where platforms might not have the agility, focus or depth to solve a problem. Nimble startups might be able to deliver a viable product to solve a problem more quickly, and that functionality can end up being folded into platforms.
TechTarget's Enterprise Strategy Group recently published research around data resilience -- the intersection of data security posture management (DSPM), data security, data protection and data governance -- and it found 65% of enterprises preferred the best tool for each area with integrations to adjacent areas, while 33% wanted a single, consolidated platform. If you had directed that question toward a more mature product area, such as endpoint or cloud security, the answer might lean more toward platform than point product.
While we all like simple answers, the platform vs. point product decision is full of nuance and depends on your organization's circumstances. Black Hat brought home this dynamic with a lot of audience attention for relatively new areas, including nonhuman identity management and DSPM. For emerging areas like these, enterprises have an immediate pain point and want to ensure a product works today and will evolve to solve their problems in the future. As the research highlighted, survey respondents have more confidence that an specialized product will solve their problems in the near term.
Securing generative AI infrastructure: A layered cake
GenAI projects are proliferating across the enterprise. For example, Enterprise Strategy Group research published in July showed that nearly half (46%) of organizations currently use GenAI to enhance analytics and business intelligence, with another 53% either piloting use cases or planning for deployment in the next 12 months.
Cybersecurity professionals recognize the potential risks with insecure GenAI infrastructure, but there are no silver-bullet solutions. Today, most enterprises are considering a portfolio of options, from DSPM to locate and classify data stores that inform GenAI models, to products that control risk in AI models, to AI application security and data loss prevention for AI. While some platforms exist today, the space still has a proliferation of innovators solving particular pieces of the AI security puzzle.
IAM: Garbage in, garbage out
Identity security practitioners have an ongoing problem with identity data that can be messy, disorganized and outdated. The norm is juggling spreadsheets and combining dirty data that results in dirtier data that can require rework to cleanse. While your identity governance and access or privileged access management data might be pristine, organizations could have multiple products -- both on premises and cloud-based. When you start combining data around application entitlements, things can get messy quickly.
Applying data engineering and GenAI helps clean up some of the garbage so identity teams can be more effective. This is an area IAM vendors are working on, but I expect to see much more innovation to solve this problem, particularly for large enterprises with complex identity environments.
We'll see how my prognostications hold up at Black Hat 2025.
Todd Thiemann is a senior analyst covering identity access management and data security for TechTarget's Enterprise Strategy Group. He has more than 20 years of experience in cybersecurity marketing and strategy.
Enterprise Strategy Group is a division of TechTarget. Its analysts have business relationships with technology vendors.