Black Hat and Def Con 2021 – Observations and Trends

The OODA presence at the Black Hat and Def Con conferences was greatly reduced, in line with a smaller event overall. Here are a few informal observations for those interested:

Each event had about 10k participants which represented about 1/3 of normal in-person attendance. Def Con required proof of vaccination and manually processed 10k people to verify vaccination status. Only 25 people were turned away for lack of adequate documentation. This is likely a solid indicator that in-person events are possible with appropriate controls in place. Las Vegas had an indoor mask mandate in place which also reduced the ambiguity for Black Hat attendees. Def Con had announced a mask requirement regardless of local mandates.

At Black Hat, supply chain was a key theme, with organizations still feeling the effects of the SolarWinds breach. There is a lot of interest in supply chain management solutions, driven especially by the recent executive order creating requirements around supply chain and software integrity for companies selling to the USG. A good reflection of this interest manifesting in the market is the recent valuation of Interos at $1b.

Ransomware is still a critical topic and while cybersecurity plays a role in countering ransomware, there was consistent discussion around resilience and recovery (ability to restore from back-ups quickly).

The U.S. government played a prominent role with the new director of CISA, Jen Easterly, providing one of the keynotes and announcing a new collaboration with the private sector (Joint Cyber Defense Collaborative – JCDC). Jen gave one of the best keynotes I’ve seen in a while and I am excited for what she will be able to accomplish at CISA.

The cybersecurity market for M&A is still hot. Going into the event you had RiskIQ being acquired by Microsoft and majority investments in two cyber threat intelligence companies – Flashpoint by Audax and Intel 471 by Thoma Bravo.

Two interesting observations from the Def Con hacker conference. The first came from the SEAtf (a play on CTF, which stands for Capture the Flag – CTFs are the competitions used to determine who the top hackers in the world are). The SEAtf focused exclusively on maritime systems, with attackers targeting the systems on a yacht. The winning team was able to take over all systems on the yacht and change telemetry going to the bridge. Interestingly, the winning team had not previously worked with maritime systems.

Also at Def Con is the top overall CTF competition. Teams compete and qualify all year and the top teams convene at Def Con to crown the global champion. This year’s winning team was from China. In Olympic terms it worked out as Gold – China; Silver – US; Bronze – China.

Matt Devost

Matthew G. Devost is the CEO & Co-Founder of OODA LLC. Matt is a technologist, entrepreneur, and international security expert specializing in counterterrorism, critical infrastructure protection, intelligence, risk management and cyber-security issues. Matt co-founded the cyber security consultancy FusionX from 2010-2017. Matt was President & CEO of the Terrorism Research Center/Total Intel from 1996-2009. For a full bio, please see