But what else was secured (pun intended)?
Discussions all week centered around questions like: What new developments were hottest? What technologies kept coming up in conversations? Who were the top speakers? How will cyber trends change our future?
RSA HEADLINES
To jump right in, the coverage of RSAC 2023 was predictably huge. Here are some of my favorites:
CRN:
Security Week:
- RSA Conference 2023 – Announcements Summary (Day 1)
- RSA Conference 2023 – Announcements Summary (Day 2)
- RSA Conference 2023 – Announcements Summary (Day 3)
InfoSecurity Magazine (U.K.): (Note: I love all the #RSAC coverage from Beth Maundrill, but here are some samples):
- Ransomware Poses Growing Threat to Five Eyes Nations
- AI Dominates RSA as Excitement and Questions Surround its Potential in Cybersecurity
VentureBeat:
IS GENERATIVE AI THE NEW PIXIE DUST FOR CYBERSECURITY?
For those who don’t remember, back in 2006, IBM came out with their famous “pixie dust” commercial:
Axios reported that “Generative AI blitz hits cyber industry’s biggest conference”:
“Generative AI’s impact on cybersecurity is likely to be much bigger than what we’ll see at RSA throughout the week.
- Generative AI has the potential to enable security products to better detect advanced phishing attacks, proactively scan networks for suspicious activity, and automatically "fight back" against ongoing attacks, Avivah Litan, distinguished vice president analyst at Gartner, told Axios.
- Most current uses of AI in security are still reactive to threats, rather than offensive, Litan added.
“Yes, but: Gartner and other consulting firms recommend companies hold off on using ChatGPT for code generation, code security scanning and secure code reviews since large language models still struggle to write clean code and are prone to misinformation.
- ‘You have to treat an AI model as a new vector, so anything going in and out of the model directly needs special toolsets to scan for vulnerabilities,’ Litan said.”
This article does a nice job of describing developments in generative AI in the cyber industry. Here’s an excerpt:
“The cloud computing industry’s growth has led to ample opportunities and challenges. At this week’s RSA Conference in San Francisco, the focus remained on generative artificial intelligence, with some uncertainty about its involvement in recent hacks.
“The technology will likely become increasingly relevant as it develops further, but these tools still need a lot of work, according to Sarbjeet Johal (pictured), founder and chief executive officer of Stackpane.”
On the contrarian side, Jack Poller from TechTarget said this:
“As strange as it may sound, I’ll be wandering the expo halls looking for vendors that do not shout about AI and machine learning, generative AI or chat AI. I’ve complained before about AI washing, and I’ll say it again: Adding AI to your product is not like sprinkling magic pixie dust, and it doesn’t create the perfect solution.
“We have to use the appropriate tools at the appropriate places to do the appropriate things. Adding AI and ML — especially a chat interface — won’t help if they hinder the workflow. Or worse, it can hurt if the AI lies to you, as the current incarnations of ChatGPT sometimes do today.”
OTHER HOT NEWS FROM RSAC
The Register described a presentation given by the Acting National Cyber Director Kemba Walden:
“Walden met with reporters at the RSA Conference in San Francisco, and securing cyberspace in outer space was one of the topics of discussion.
“‘We are all aware that the first ‘shot’ in the current Ukraine conflict was a cyberattack against a US space company,’ Walden said, referencing Russia’s attempt to jam SpaceX’s Starlink, which was using its satellite constellation to deliver internet connectivity to Ukraine.
“‘The White House is deeply committed to driving efforts to enhance space systems cybersecurity, recognizing that the incredibly complex and unique space ecosystem requires a very close public-private partnership, given the pace and scale of private-sector innovation,’ Walden continued.
“Cyberthreats against space systems now include nation-state threat actors like China and Russia, and even acts of war, as was evidenced by the Starlink and Viasat cyberattacks. Securing these systems is a multi-faceted challenge that spans domains, components and both public and private organizations. As such, the solution will require a collaborative approach, Walden told reporters.”
For me, the demo provided by Microsoft on their new Security Copilot product was very compelling and impressive. It was also nice to meet the Security Copilot product manager at the booth as well.
IT Pro Today offered this article which describes RSAC Innovation Sandbox finalists: “HiddenLayer, an AI application security startup from Austin, Tex., won RSA Conference 2023’s Innovation Sandbox contest, beating out finalists with solutions for everything from threat detection to privacy compliance and polymorphic encryption.
“HiddenLayer’s machine learning detection and response (MLDR) platform is designed to attack the problems that AI can exacerbate, according to co-founder and CEO Chris Sestito.
“‘Artificial intelligence is the fastest-growing technology the world has ever seen, but unfortunately for us, it’s also the most vulnerable,’ Sestito said. ‘At HiddenLayer, we predict that in less than three years, protecting AI will be a bigger societal need than protecting operating systems.’”
FINAL THOUGHTS
Overall, this was another exhausting and fascinating RSAC event and was another great opportunity to network with industry peers and meet with partners, colleagues, government pros and other clients. I think the opportunity to strengthen and renew relationships is the best part of the show.
I always enjoy public-sector day on Monday. Here’s a picture from that event:
Dan Lohrmann
I do think generative AI will be transformative for our cyber industry over the next 12 months. As a nod to that, I decided to allow ChatGPT to write the headline for this article. It’s not too bad.
