I recently returned home from RSA Conference 2023. RSA, of course, is one of the largest cybersecurity events in our entire industry. This year it boasted around 49,000 registrants. Here are some key takeaways from my perspective as a chief information security officer (CISO), analyst, and longtime cybersecurity practitioner.
Which companies are the most important vendors in cybersecurity? Check out
the Acceleration Economy Cybersecurity
Top 10 Shortlist.
AI-Enabled Defense
It seems you can’t turn anywhere today without seeing an article about artificial intelligence (AI). Every day there are new headlines on topics ranging from AI’s impact in the classroom to nation-states integrating AI with national security capabilities to governments potentially regulating AI risks.
The buzz at RSA was no different, with many vendors putting AI front and center. As I walked the expo floor of the robust vendor ecosystem, I observed countless vendor discussions on the part AI was playing in capabilities and products, especially in the areas of automating secure code reviews, threat modeling, and vulnerability prioritization.
The Chief Security Officer (CSO) of RSA himself took the stage, accompanied by an AI avatar. He discussed the implications of AI on technology, cybersecurity, and society. The AI avatar said there is “zero chance of zero trust, without the use of AI”.
As an industry, we are emphasizing the role AI will play in cybersecurity, and AI seems to agree with us.
Identity-Centric Security
We’ve continued to see an industry-wide push for zero trust, with identity now being a core focus, and many stating that we’re moving away from the legacy perimeter-based model to an “identity-centric” security model. The trends that surfaced at RSA supported that claim, with many vendors emphasizing the role of identity and access management (IAM) in helping organizations manage identities, permissions, access control, and more, and doing so in our modern complex multi-cloud and hybrid cloud environments.
Capabilities I saw included things such as:
- phishing-resistant multi-factor authentication
- dynamic least-permissive access control
- context-aware automation to facilitate access from the distributed and remote workforce
Managing the Complex Modern Attack Surface
Ask any cyber practitioner, and they will tell you that the modern attack surface is robust, and the threat landscape is constantly changing. Another central theme I saw among vendors and products at RSAC 2023 was trying to manage the modern attack surface, or, as some called it, exposure management.
We now have data and workloads running in multi-cloud and hybrid-cloud environments, hundreds of different software-as-a-service (SaaS) applications, a distributed workforce with bring-your-own device (BYoD) endpoints — all of which the enterprise has limited control over.
All of these factors lead to a challenging attack surface to monitor, manage, and govern. Connect that to the growth of software supply chain attacks, third-party risk management, and application programming interface (APIs), and the problem is even more complex and daunting.
Many vendors at the conference were trying to help organizations address this complex attack surface by ensuring they are both producing and consuming secure software components, monitoring their interconnections and data flows to and from third parties, and getting a handle on their API security in modern DevSecOps microservices environments.
Final Thoughts
At the end of the day, we’re seeing the industry evolve, grapple with complex attack surfaces, focus on identity-centric cybersecurity, and leverage AI and automation to try and keep pace with the changing threat landscape that easily surpasses what humans alone can do.
Want more cybersecurity insights? Visit the Cybersecurity channel:
