You can’t do everything at Black Hat, no matter how hard you try. But how do you decide what to cover, what to skip, and who to put on your “must see” list? As part of our on-the-ground series at Black Hat, we talked to Axios’ Sam Sabin to learn how she makes the most of her limited time and energy to maximize her coverage of one of the biggest security events of the year.
The full transcript of the conversation can be found below, but if you only have time for a quick scan, check out our “Dialed-in Snapshot” for the points you can’t miss!
Dialed-in Snapshot:
- When it comes to making the most of her limited time at the show, Sam prioritizes on-the-record interviews with companies she knows, rather than intro meetings. She wants to know for certain that when the conversation wraps, Sam will have a quote for something she’s working on.
- Sam’s approaches to Black Hat and DEF CON are very different. DEF CON is all about panels, and that’s consistent every year. Black Hat, for her, is about catching the handful of high-profile keynotes. She bases her selection on her knowledge of the speakers, whether she knows if they’ll provide value to her understanding of a topic, or someone who often gives a buzzworthy quote about China or AI.
- To maximize her time on-site, Sam prefers to attend a press conference or a media mixer where she can connect with multiple experts from a company at once. If she knows that your company is hosting a party, she would rather attend that than try to arrange one-on-ones with each of them to save time. Don’t be surprised when she doesn’t reach out to schedule for that reason.
- Sam views panel appearances as networking opportunities, because she gets to know the panelists in a way that she wouldn’t otherwise.
- When it comes to getting a journalist to read your pitch email, Sam’s advice is to make it personal and make it quick: “Here's why I think you would be great. You want it?”
Something I want to demystify for readers is the time you have available to take meetings at conferences. It would be great if you could take us through a day in the life of an Axios reporter at Black Hat.
Because I’m the only person who covers my beat, I live and breathe by this one Google Doc. For a show like Black Hat, I compile everything, usually a week or two before, depending on the news that year. This year, it was days before. I don't recommend that.
When I arrive at the show, I’m usually on the ground prioritizing meetings from the jump. I start meetings around 10 a.m. From there, it’s bouncing around from room to room, trying to get as many one-on-ones done based on all of the bigger picture stories I’m working on.
I make the most of the fact that everyone is in one spot, and we don’t have to coordinate phone calls or make calendars line up. We don’t have to play that game because we’re all in one spot. It’s amazing to find a place in the lounge or the media room and chat for 20 minutes.
I prioritize on-the-record interviews with companies that I know, rather than introductory meetings, because I need things for my newsletter and to file stories.
At some point during the day, I do eat. It’s unclear when I’ll have time. But I eat at some point. Or I lean into coffee.
After that, I try to pop into a panel or two. But some years, if I can’t make it to a panel, it’s not a big deal. I’m here mostly to take meetings on the side.
In the evenings, I usually make it to two or three parties, and if there’s a vendor I couldn’t do that catch-up meeting with, I’ll say hi and hang out with them off-the-record. That always makes things so much easier. I want to show that I’m a human being who’s friendly and kind and not out for someone. That way, if, god forbid, I ended up on a call where it gets a little tense, at least we know my intentions and we have that relationship. Then, at some point, I cap it. The week here is so long that I usually attend one or two, and I’m in bed by nine.
Rarely do I file from the conference, especially if it’s unrelated to the newsletter. I would only publish something “big picture” on cybersecurity.
It's a lot of running around, wearing sneakers, and meeting with whoever I can.
You mentioned you were late to dig into the agenda this year. What sessions stuck out? And how many do you plan on attending?
It's funny, because [what sticks out] also keeps changing. It’s usually a few of the government ones. But now, this year, I have a big hole in my calendar. This year, in particular, it varies between Black Hat and DEF CON. I would say my approach to DEF CON is the opposite of Black Hat, in that [DEF CON is] very panel-focused every year. If we’re talking Black Hat, I attend high-profile keynotes. I prioritize the ones where I know the speaker will provide value to my understanding of a topic, or give a buzzworthy quote about China or artificial intelligence. I know they’ll cut through the BS of what people need to know about the threat landscape and how it’s changing, or similarly, how defenders need to be on top of that evolution.
This year, I’m trying to go to [Former U.S. National Cyber Director] Chris Inglis and [Founding Partner of Silver Buckshot Ventures] Nicole Perloth’s keynotes. And then anything panel-wise on AI. I'm personally super obsessed. I’m super obsessed with the cat and mouse of whether or not defenders are ready for what's coming. Attackers can play with AI all day long. They don't have to get their CFO to sign off on buying OpenAI subscriptions. Attackers also don’t have to explain to their CTO about the organization’s heightened cloud usage.
I’m obsessed with how quickly we’re adapting. Do we have the tools? I’m always trying to get a read on that temperature track, and what is actually legitimate and objective in AI for cybersecurity. At some point, I’ll go through the expo room and count how many of the booths have agentic AI signage displayed on them. I’ll likely run out of time doing that.
Back to your original question, likely one or two sessions a day.
Before Black Hat, our media director, Robert Smith, published an interview with CSO’s Cynthia Brumfield about the agenda being light on government officials this year. A show like Black Hat likely makes it easier to get in front of them. Does that take away from the experience for you?
Yes and no. For me, I’m the rare cybersecurity reporter that’s not in Washington, D.C., so the lack of government speakers is not as detrimental to me as it is for others, in part because I’m thinking about the industry at large.
I would take a broader view. This administration seems like it will take a light touch on regulation, compared to any other administration. Cybersecurity partnerships aren’t as heavily relied on. Maybe they will be, but that’s up in the air. Because of all that, I think a lot of the change in the industry, and in cybersecurity as a community, will be driven by industry over the next few years. D.C. is not going to operate the same way. CISA is much smaller than it was six months ago. The DOD is not as engaged in these events. Everyone I knew at the NSA is now gone, which is rare, no matter the administration.
I’m personally thinking about AI and social engineering, [managed service providers] and insurers. The industry still comes here. I try to meet with as many CEOs as well. That, and the lack of government presence, is a story in and of itself. So it doesn't change the experience much for me, but it does mean I value one-on-one time more.
You publish the Future of Cybersecurity Newsletter once a week on Tuesdays. You hinted in your last edition that you’d have a bonus issue for Black Hat. When do you carve out time to write? Because this blog won’t publish until well after your newsletter, can you tease what you may cover?
How do I carve out time to write is an amazing question. It's been a lot of trial and error. Some years, I definitely overbooked. That meant I was writing quickly, and I got the smart brevity in the 10 minutes I had between sessions or meetings in the media room. Or it meant I was eating my dinner in my bed with my computer in the hotel room at nine o'clock at night, trying to file for the next day. In past years, it was harder because I had the Friday newsletter. That meant I had to file multiple times in the week, but I figured it out.
This year, I pushed myself to carve out time. I also had to carve out time to take breaks. I will RSVP to attend parties, but if I realize halfway through the day that I don’t have the energy and I have to write, I won’t go. I’ve allowed myself to be super flexible with my schedule without having to be at or do everything. I’m one person, and I have my limits.
Story-wise, a lot of the things I'm eyeing here are evergreen, big-picture thoughts that I was already thinking about before I left for Vegas. These were things I believed would be big at the show. I did a roundup of all the announcements I’ve gotten. I have an inbox full of product pitches that I just don’t have the time to reply to. Many of them are, “XYZ vendor has a new autonomous agent that can do XYZ.” I plan to ask executives where this is all heading. Will adoption be fast or slow, and what does that look like on the defense side?
Generally, I get a lot from walking into a briefing and telling the interviewee I have three topics, and see what happens. Then, someone says an off-hand thing, and that plants a seed.
Then, I would like to do a prediction series once a month. I’d spotlight high-profile executives who have been in the industry for years about what they’re thinking and what might happen next year. Someone once told me that, in the next year, we'll have our first trillion-dollar cybersecurity company that isn't Microsoft.
Highwire has partnered with you on panel moderation at events. Have you been approached to moderate any panels at Black Hat this year? How do you pick and choose which ones you want to be a part of or not?
I do, but I didn't get any for Black Hat. I've been doing a lot this year, so I wasn't upset. I was thinking, “I don't have to pack my nice shoes.”
In terms of how I choose, it's usually a dual decision. [First,] we have editorial guidelines within Axios, so it depends on who's asking. It depends on the audience, the purpose of the panel. They can feel a little like I’m helping a company do a sales pitch, which I know can be a tough line, but if the ask is, “Sam, we need you to go on stage and ask our CEO questions about our new product,” then I'm not the right fit. In general, I rarely ever turn things down.
[Second,] I want it to be a good group of people or an interesting topic that will help others learn. I view them as networking opportunities. I get to know the panelists in a way that we wouldn’t otherwise. Then they think of me more than another byline that they saw somewhere, like another person. If it's interesting and there’s a conversational feel, I'm down.
You mentioned to us that you like attending events that companies host in the evening. As this interview has shown, your schedule is tight. Is it easier for you to attend events or take one-on-ones?
This is a hard ranking. I definitely put a panel last. Someone who’s a daily publication reporter might rank that differently, but for me, smart brevity, I’m not writing on every panel.
It’s a slight edge for one-on-ones over events, but they're interchangeable depending on the event. If there’s a press conference or a media mixer where I know multiple experts I would have spoken with from a company will be in attendance, I'll prioritize that over a one-on-one with each of them. It’s so easy for me to pop in for an hour and talk to everyone. The companies I know that do the mixers, I won’t reach out to schedule time with them. I prioritize interviews where I know I’ll get an end product.
As someone we’re sure has countless emails in their inbox to meet companies at Black Hat, what advice would you give to a comms person to stand out? Is it persistence? Do you want to see an understanding of the trends you’re covering?
It’s hard because it depends on the comms person. I don’t want to sound like I’m unaware, especially at an agency, of how different clients have different things. The more tailored or personal it is, the better. I receive so many product announcement emails, and people are persistent because they know I cover agentic.
Be targeted and consistent with them. The more you understand what they do at a publication, the better. Punch up the pitches. Some are four or five-paragraph essays. The more you can just say, “Hey, I have this under embargo,” or, “Here's why I think you would be great. You want it?” Also, “Meet with this CEO based on your past coverage of X, Y, and Z.”
I’m not sure about persistence, because I have so many people ringing my phone off the hook all the time, and I usually don't have time. I don't like having a bunch of emails in my inbox, and there's no way you do either.
