The 8 Key Themes of BlackHat 2025

Las Vegas’ Mandalay Bay hosted the 2025 BlackHat conference last week with an estimated 22,000 guests.  The focus of Black Hat is to provide a platform for the latest cutting-edge research, developments, and trends in information security. It brings together security professionals, researchers, and leaders to share groundbreaking research, discuss emerging threats, and explore the latest vulnerabilities and defense strategies.

This year’s show didn’t disappoint.  There were 8 major themes that dominated the conference:

• AI’s Dual Role in Cybersecurity: AI was a dominant theme, with discussions centering on both its use by attackers (AI-powered threats, generating exploits, phishing) and by defenders (AI for detection, incident response, vulnerability management). AI plays a dual role in cybersecurity, acting as both a powerful defense mechanism and a potent tool for attackers. While AI enhances threat detection, automates security tasks, and streamlines responses, it also empowers malicious actors to create sophisticated phishing campaigns, develop advanced malware, and launch targeted attacks

• Focus on Applied AI Security: There was a strong emphasis on practical, real-world applications of AI in cybersecurity, moving beyond just hype to discuss the implementation of AI-powered platforms and tools in security programs. Applied AI security is a specialized area of cybersecurity focused on safeguarding Artificial Intelligence (AI) systems from the unique and evolving threats they face. It goes beyond traditional cybersecurity by addressing vulnerabilities and attacks specifically targeting AI models, data, algorithms, and infrastructure throughout their lifecycle

• Cloud Security Challenges and Solutions: Talks focused on advanced cloud attacks, securing multi-cloud environments, identity and access management in the cloud, and defending against cloud-native threats.
• Offensive Security and Red Teaming: Sessions covered new evasion techniques, bypassing defenses (EDR, MFA), lateral movement, attacking Active Directory, and exploiting various vulnerabilities in systems and applications.
• Human Factors in Cybersecurity: Discussions highlighted the human element, including social engineering attacks, the challenges of burnout and job dissatisfaction in the industry, and the need for more effective security awareness and education.
• Ransomware’s Persistence and Evolution: Ransomware remained a significant concern, with reports highlighting the rise of multi-dimensional attacks, the impact of AI on ransomware campaigns, and the importance of data backup and recovery strategies.
• Emphasis on Proactive and Integrated Security: There was a push towards more proactive security measures and the need for integrated security platforms to manage complex threat landscapes and improve incident response capabilities.
• Vulnerability Discovery and Exploit Development: Sessions focused on finding vulnerabilities in hardware, firmware, binaries, and AI models, along with developing and demonstrating new exploitation techniques

Of course all of the major themes were interesting to me, but I think that AI Security, not just the technology it brings, but other facets connected to the technology is something the community will need to work through this coming year.

Any new technology entering the cybersecurity space has an impact on Cybersecurity Professionals.  While AI can help us greatly with things like threat detection, incident response and vulnerability management, AI is not a replacement for human expertise.

AI will augment human capabilities, not replace them, requiring cybersecurity professionals to adapt and learn how to work alongside AI.

Organizations will need to invest in training and upskilling their workforce to effectively leverage the capabilities of AI in cybersecurity.

Looking forward to seeing all of you at BlackHat 2026!