CYBEREYE

After what happened in Vegas, feds keep low profile at Black Hat

“Spot the Fed” has been a popular game over the years at the DefCon hackers conference in Las Vegas, as well as during the earlier years of its then-sister Black Hat Briefings. The suspicious types populating these events often did not make government officials and employees welcome.

Mark Weatherford, a deputy undersecretary at the Homeland Security Department who spoke at this year’s Black Hat, recalled that during his Navy years he had to get special permission for personnel to let their hair grow out before attending the conferences so they wouldn’t stand out.

Now in its 15th year and owned by UBM TechWeb, Black Hat has become more commercial and no longer has direct ties to DefCon (although they continue to be held back-to-back each year and share many attendees and speakers), and feds are welcome. But they once again are keeping a low profile, this time for a different reason.


Related coverage:

Black Hat: If it ain't broke, it's just a matter of time

Windows 8: A secure OS for government?


“Ever since the GSA stuff came out,” managers are reluctant to approve visits to Vegas conferences at taxpayer expense, said one DOD employee at Black Hat.

The “GSA stuff” is of course the revelation earlier this year that the General Services Administration had spent more than $800,000  on a conference outside Las Vegas in 2010. Public and congressional outrage have given a black eye to professional gatherings in Sin City.

There still were feds at last week’s Black Hat, but you had to look harder to find them. There were an awful lot of badges that had only a first name and no professional affiliation on them. And as far as talking to the press goes, well, the last thing any of them seemed to want was to see their name appear in print under a Las Vegas dateline.

Las Vegas has not been formally blacklisted, but agencies and employees are being much more cautious. At the same time as Black Hat, the Defense Department was holding an education conference at the MGM Grand and this year’s event was subdued, one attendee said.

Six months ago we would have partied,” she said. But this year it was four straight days of conference sessions with no late nights, and the breakfasts were reduced to fruit and coffee. “Now we feel like everyone is watching us.”

Fiscal restraint is not a bad thing, but it would be a shame if feds were scared away from Black Hat because of the bad publicity generated by the excesses and foolishness of some managers at GSA. The conference still is one of the most information-rich venues for those whose job is it is to run and protect networks and systems, and who must keep up with the nuts and bolts of the vulnerabilities and threats they face. It is a place where big-name researchers and basement hackers come to drop new findings, tools and exploits.

Government is increasingly dependent on commercial IT products and services and cannot secure them in a vacuum. That means it is increasingly dependent on work being done in the private sector, and there is a need for trust between government and those on the outside, said Weatherford, who heads up cybersecurity at the DHS National Protection and Programs Directorate.

Black Hat is a place where that trust can develop “Black Hat opened the door to people and groups who otherwise never would get to meet,” he said.


About the Author

William Jackson is freelance writer and the author of the CyberEye blog.

Reader Comments

Tue, Jul 31, 2012 Cowboy Joe

I believe the Catholics refer to it as "the occasion of sin"... The city does have some distinct advantags - notably cost - but all it takes is one knucklehead in the company, and snap! ... the whole organization's a bunch a drunken cowboys. 'course, a few moons ago, that was the point.

Tue, Jul 31, 2012

Vegas is still the cheapest metro area to hold gatherings: cheaper airfare, motels, food and convention space. Anyone with half a brain should be able to determine that. Feds always run even when they don't need too - where are the backbones? GSA convention was a waste of money but to blackball Vegas because of it is just going to cost more money because no upper management has any Kahunas. Same story...

Tue, Jul 31, 2012 Justin Case In yo dreamz

Easy fix - Pay your own way and go to DefCon. It's not that expensive and you can write it off as a non-reimbursable business expense.

Tue, Jul 31, 2012 Paul

It just highlights how detrimental all this has become. We're no longer allowed to go to any professional conferences and a critical one we hold every year is on indefinite suspension. I don't think the higher ups and the public realize how important many of these conferences are to allow us to perform our mission. Much of what we've been able to accomplish in coordinating efforts between different organizations and services has been through conferences since it is the only time we are able to meet and discuss things face to face. Unless things change, our servicemembers are going to be at higher risk with greater cost because we will lose the cohesion to make things run smoothly and efficiently with minimal duplication of effort.

Tue, Jul 31, 2012 NC Dawg Raleigh

At my agency it is OK to attend conferences in Las Vegas. It is my manager’s conservative view that will not allow me to attend conferences there. I have done more cost comparisons, than I care to count, showing it is far cheaper to attend a conference in Vegas than DC. We have had conferences there and in Lake Tahoe, and these same managers were attendees. So I guess when THEY are invited, it is OK to go.

Show All Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above