Jul 31 2025
Security

Black Hat 2025: A Growing Need for Advanced Security Solutions

This year’s Black Hat USA event in Las Vegas will address quantum computing and the many facets of artificial intelligence.
K-12 Editor Rebecca Torchia
by

Rebecca Torchia is a web editor for EdTech: Focus on K–12. Previously, she has produced podcasts and written for several publications in Maryland, Washington, D.C., and her hometown of Pittsburgh.

Security professionals are gearing up for Black Hat USA 2025, taking place Aug. 2-7 in Las Vegas. Described on its website as “the most respected information security event series internationally,” Black Hat offers a dizzying number of briefings (speaking sessions sharing the latest security news and research), trainings (expert-led, hands-on technical courses), summits (single-day, topic-focused community events), and more.

With so many options, attendees should approach this conference with a strategy tailored to their personal goals and business needs. IT leaders at financial institutions, for example, should focus on sessions about artificial intelligence (AI) agents and social engineering.

“We’re seeing better-orchestrated social engineering attacks against them,” says CDW Chief Security Technologist Jeremiah Salzberg.

Salzberg and Walt Powell, CDW’s lead field CISO, shared key areas of focus for attendees at this year’s Black Hat USA conference.

Click the banner below to explore trends in artificial intelligence security.

XS_Q225_AI_cta_desktop03 XS_Q225_AI_cta_mobile03

 

The Move Toward Post-Quantum Cryptography for Data Security

As security professionals work to future proof their organizations, they will need to have conversations about post-quantum cryptography.

“Post-quantum cryptography is coming,” Powell says. “I will be asking all of the vendors, ‘What is your roadmap for replacing your cryptography with quantum-safe cryptography?’”

Quantum computers, which are becoming more and more prevalent, are powerful enough to break encryption, either by brute force or other mechanisms that detect weaknesses, Salzberg says. “Because of that, we need to look at methodologies for stronger encryption.”

RELATED: What is the difference between public key and private key cryptography?

“A lot of people think is a 10-years-from-now problem. It’s actually a today problem,” Powell adds.

Business Continuity in the Face of AI-Powered Cyberthreats

When it comes to AI, IT leaders at Black Hat USA will want to focus on advanced technologies that allow them to protect themselves from it.

“How do we protect ourselves from AI? We’re certainly seeing attackers use it quite a bit more in social engineering and deep fakes,” Salzberg says.

Trainings on risk quantification and identity analysis and solutions such as agentic security operations center analysts can prepare organizations to better protect their infrastructure.

Also on the agenda at Black Hat USA this year is a main stage presentation on the security benefits of the National Security Agency’s Continuous Autonomous Penetration Testing service. CAPT allows the Defense Industrial Base to find, fix and verify exploitable weaknesses, improving the entire organization’s cyber resilience.

DIVE DEEPER: Leverage adversary intelligence to thwart cyberattacks, experts say.

Other learnings from vendors such as Fortinet, Microsoft and Trend Micro can help IT professionals further their event planning around protecting themselves from AI.

However, that’s not the only AI security organizations need to plan for. They also need ways to secure the use of AI internally.

Measures to Secure Your Organization’s AI Tools and Workflows

Securing AI tools internally starts with strong data governance. “Data governance is so vital, and even more vital now for any AI initiative,” Salzberg says. “It’s required to feed AI good, clean information and to make sure it doesn’t have access to information it shouldn’t have.”

Jeremiah Salzberg
Data governance is so vital, and even more vital now for any AI initiative.”

Jeremiah Salzberg Chief Security Technologist, CDW

Data governance doesn’t just protect existing data and ensure reliable outputs, it also keeps an organization’s IT department in control of an AI solution. “If it starts getting access to too much data, you’re able to put guardrails around it and limit what it’s allowed to do,” Salzberg explains.

Additionally, agentic AI solutions need protection from more than just attackers; they need protection from employees and insider risk. Al will access and share anything within the organization it has permission to — if “your HR department saves files in public folders,” for example, Powell warns.

When it comes to protecting organizations from insider risk — intentional or otherwise — small businesses should be especially aware of the tools they’re using, Salzberg says.

Microsoft Copilot, for instance, is very easy to turn on. For small businesses especially, it’s tempting to just turn on Copilot and let people use it, but if you don’t have quality data access governance, then it will give you back whatever it has access to,” Powell says.

While they may lack resources and expertise compared with larger organizations, small businesses do have an opportunity to get their arms around AI and data governance now, before it snowballs and becomes impossible to manage. This makes sessions on data governance and small businesses at Black Hat USA especially important.

Keep this page bookmarked for articles from the event, and follow event highlights and behind-the-scenes moments on the social platform X @BizTechMagazine and @BlackHatEvents.

bt-blackhat2025-static-2025-follow-desktop bt-blackhat2025-static-2025-follow-mobile
Lahiru Lakmal/Getty Images

More On

Related Articles

Close

See How Your Peers Are Leveling Up Their IT

Sign up for our financial services newsletter and get the latest insights and expert tips.

Click Here to Sign Up Now