Black Hat tilts toward business users

According to a survey conducted by anti-virus giant Symantec, more business users than ever before attended the Black Hat 2007 security conference held this week in Las Vegas.

Based on the study, which surveyed roughly 400 of the show's 4,000 registered attendees, people who identified themselves as IT managers comprised a far larger cross-section of the Black Hat audience than in year's past, making up some 42 percent of the crowd.

The result marks an impressive gain in the number of business workers attending Black Hat compared to 2006, when Symantec's survey found that only 26 percent of the audience identified themselves as corporate IT pros.

Show-goers and presenters repeatedly noted the apparent shift in Black Hat's demographic makeup on the show floor this year, as business users continue to spend more energy on addressing security issues, pushed to do so by data governance regulations and the ever-increasing sophistication of malware attacks and electronic fraud.

In previous years, Black Hat was recognized as an event that primarily drew security researchers and all forms of hackers -- both ethical and nefarious.

Despite a strong presence from those groups at the show -- and the likelihood that such individuals may have been less willing to participate in Symantec's survey -- it was clear from the job titles and companies represented among the attendees that this year's event had become more corporate in flavor.

While a dominant proportion of the 2007 conference sessions were oriented toward identifying software vulnerabilities and building exploits that can be used to defeat the bugs, the consensus among show-goers was Black Hat's sister conference, Defcon, being held in Las Vegas from Friday through Sunday, has taken over as the de facto hacker gathering.

Chief security concerns of IT

Among the business users surveyed by Symantec, concerns with vulnerabilities in Microsoft's dominant operating systems remained high. Security of the software maker's Windows XP OS was tabbed as the most pressing security concern for 60 percent of the IT managers who responded.

A larger share of the IT managers participating in the study indicated that they were concerned about potential security problems in Microsoft's newest Windows Vista OS, despite all of the onboard defense technologies that were built into the product. Some 38 percent of the business IT workers said they were worried about security issues in Vista, compared to 31 percent in 2006.

Many respondents who identified themselves as security researchers in Symantec's Black Hat survey expressed a growing interest in examining Vista's potential weak points. Only 41 percent of the researchers, however, said that Vista is one of their primary areas of focus, compared to 55 percent last year.

Among all show-goers, some 36 percent said that they were at Black Hat to research security issues related to messaging and scripting technologies, along with those connected to networking infrastructure technologies.

Security concerns related to mobile technologies, virtualization, and Web services were other central issues on the minds of Black Hat attendees, according to Symantec.