RSA Conference 2023: Igniting Innovation Through Collaboration in Cybersecurity
In this blog
RSA's slogan has always been Where the World Talks Security, and we sure did. By meeting with over 50 partners & clients, we embraced the conference theme of "Stronger Together" to foster collaboration, deepen relationships, and collectively address the pressing challenges faced by our cybersecurity community.
We delved into the cutting-edge technologies and strategies that are shaping the future of digital security. By aligning our efforts and expertise, we solidified our commitment to delivering comprehensive solutions that address the most complex security challenges faced by organizations worldwide.
In this recap, we share highlights, recounting the impactful partnerships forged, the insightful conversations shared, and the promising developments that emerged from our interactions with cybersecurity partners and clients.
Ashish Upadhyay - Sr. Director - Global Security Partner Alliance
Having attended this conference in the past, discovering a needle in the hay stack in terms of innovative tech startups was certainly challenging with the abundance of OEM participations.
AI/ML: Although several AI topics were being discussed, we know that AI and ML is something our industry has been integrating in security technology product offerings for years. Below are my takeaways actively discussed over beers, lunches and dinners.
- Google Cloud's Security AI Workbench – an AI powered security suite that allows users to search billions of security events and interact conversationally with results, ask follow-up questions, and quickly generate detections without learning any new syntax of schema.
- IBM introduced AI-Powered QRadar suite – compiling their QRadar SIEM, EDR and XDR through their AI engine to include alert prioritization and automated threat hunting.
- Microsoft's Security CoPilot similarly promises to help security analyst with prioritized threat and risk profile classification.
- Palo and many others also talked about AI powered SASE
Since the exponential pace of attacks are growing and human and machine resources are limited, we'll have to figure out how to leverage AI to help us solve the resource gap.
Vendor Interlocks: The best part of events like RSAC is catching up with friends in the industry both old and new. The vendor interlocks were refreshing to see, indicated by the level of interest from new and emerging vendors willingness to partner with WWT. The consistent theme was integration into a larger eco-system of partners like Palo, Fortinet, Cisco, Crowdstrike, etc.
Kent Noyes - Sr. Director of Cloud Security
RSA never fails to simultaneously energize and exhaust. This year, I was happy to see a massive emphasis on cloud security. The steadily increasing use of public cloud and SaaS across the industry is undeniable and is transforming the way IT operates. And it's certainly transforming security. The Cloud Security Alliance (CSA) kicked off the conference with an 8 hour summit. The theme was "Mission Critical", indicating that cloud doesn't only facilitate dev/test environments; it's now running mission critical IT services. As Jay Chaudhry (CEO of Zscaler) shared his perspective on Zero Trust in the cloud, he closed with a simple directive: "Don't think about lifting & shifting. Think architectural change!!"
CSA didn't waste any time tackling ChatGPT, announcing the release of Security Implications of ChatGPT just prior to the conference. This interesting and useful publication ranged from a basic explanation of what it is, to how to use it in cybersecurity programs, to how to enable a business to use it securely.
Clint Huffaker - Practice Manager, App/API and Workload Security
Something felt different about RSA this year. While it has always focused on cybersecurity, there's an evident shift in the attendees from infrastructure and endpoint to cloud, developers, and data security.
One of the main themes of the conference was around the growing importance of bringing security vendors together. Collaborating and partnering to try and be one step ahead of the next attack. But why? The partnerships and announcements coming out of RSA shed light on an invaluable asset in security. Context. Working together to give customers a more holistic security solution and provide more context than they can individually. Discussions around the growing concerns of AI (Artificial Intelligence), APIs, Applications, Cloud, or Data Security were hyper-focused on the public cloud and the pace at which organizations are moving applications, workloads and data to the cloud. Speakers discussed how AI and ML can be used to identify and respond to cyber threats more quickly and effectively. However, there's a lot of buzz about the concerns and risks that it brings to an organization as well. Like leaking business IP and data to ChatGPT.
The conference also featured discussions on the growing threat of nation-state cyber attacks, particularly from countries like Russia, China, and North Korea. Again, driving the need for increased collaboration between government agencies and private industry to better defend against these types of attacks.
Other notable topics at the conference include the economy and financial wellness of vendors, investors, and the increase in mergers and acquisitions. What that means for cybersecurity, the importance of security in the cloud computing environment, and the need for improved security in the Internet of Things (IoT) ecosystem is yet to be seen.
David Homoney - Technical Solutions Architect II
There were two main trends that I spotted at RSAC 2023, and they were not the ones I expected. I am used to single companies trying to boil the ocean, but this time the vibe was one of partnership and collaboration. Companies were working together to provide more holistic solutions. We got great news about partnerships between two API security partners (Noname Security and Traceable) and Wiz to provide a complete cloud and API security solution.
The other major theme were thousands of vendors all claiming API and App Security but those offers were tangential at best. App and API security is among the hottest of security topics, and everybody is saying they do it. This is leading to massive confusion in the market.
The traditional security and application delivery vendor most certainly are still vital to providing holistic security to apps and APIs, but they are not the only solution needed to provide security at this level.
Bryan Liebert - Cybersecurity Practice Lead, Public Sector
From a Public Sector perspective, our goal was to collect use cases and information regarding offerings and value for our Federal and SLED clients. Many of the up-and-coming cybersecurity solution providers are not FedRAMP certified. FedRAMP is a US government-wide program that provides a level of assurance to government agencies that cloud products and services meet strict security requirements and comply with federal regulations.
One notable example was from Crowdstrike (FedRAMP Certified) announcing a key integration with Cribl called CrowdStream. CrowdStream connects data sources into the CrowdStrike Falcon platform through Cribl's observability pipeline technology, serving as an efficient, speedy, and cost-effective solution to enhance the adoption of XDR and log management. By sitting in between data sources and their destination, CrowdStream simplifies the aggregation of data needed for advanced AI/ML models.
Another was from SentinelOne (also FedRAMP certified) announcing a new capability called Purple AI, a generative AI dedicated to threat-hunting, analysis, and response. Purple AI uses a variety of models both open source and proprietary and aims to increase the organization's efficiency by arming security analysts with an AI engine that can help identify, analyze and mitigate threats using conversational prompts and interactive dialog.
Melissa Purinton – Executive Security Advisor, Global Service Provider
From a Global Service Provider (GSP) perspective, we see something at RSA that peers likely don't – our clients presenting as vendors on the main stage. It is not uncommon for our Service Provider customers to resell cybersecurity technology, and many have expansive cybersecurity services programs as well.
Some key takeaways:
- DevSecOps is critical to business resilience remembering that service outages can have catastrophic impacts when the network is your business. Customer-facing applications and services are prime entry points into an even broader environment if not secured properly. Service Providers must ensure CI/CD for both internal and customer networks, is operating with a 'security by design' mentality.
- OT Security concerns are prevalent in Service Provider environments with things like radio-frequency equipment and satellite infrastructure. These concerns also apply in more unique environments like amusement parks with ride pyrotechnics, lighting, and sensors - things that make us feel exhilarated and child-like. But what happens when these systems or environments are comprised? How are organizations with critical operational technology ensuring these entry points to the business are not neon flashing targets?
- Visibility, control, management are all needed for a data security posture. This also applies in our sector. How many players globally are playing the latest video game (and at the same time)? How is the gamer's data secured? What is the organization doing to segment and protect corporate data from external access?
Alexandria Lunderman – Cybersecurity Advisor, Global Service Provider
As a GSP team, we're looking to find new partners and thought leadership to how we can help our sector and the unique challenges they face. For emerging and midmarket service providers, effective cybersecurity doesn't necessarily require a large security budget. There are solutions and ideologies that can be applied at low to no cost and greatly increase the security of the organization.
A positive theme for small organizations is you are less likely to be a target of a malicious attack. Threat actors' want to make money, and your attack surface is small with less entry points. A good place to begin is identifying your cyber risk appetite. What is the extent and type of risk you're willing to take on to achieve business objectives?
Aimee Ubriaco - Solutions Marketing Manager, Security
As a first timer to RSA and marketing strategist, my goal for the event was to soak up as much as possible and better understand what security professionals are facing today and in the future. There were 3 main takeaways I observed.
Noise: I've heard from clients and colleagues how crowded the security vendor landscape is. But there's nothing like seeing it in action. Inside, outside, all around the event were vendors vying for your attention. I'm walking away much more empathetic to our security clients responsible for making the right decisions for their organization's needs. Wading through that on a regular basis must be difficult.
Storytelling: The amount of emphasis on storytelling throughout the conference was a delightful surprise. Experts acknowledge the noise and emphasize the need to break through to get everyone paying attention to their role in security. From a revolution in cybersecurity awareness training to demos showing a hack from the perspective of the attacker; as a marketer, I'm encouraged by this trend.
Optimism: Even in the face of incredible complexity, I couldn't help but notice all the positive vibes throughout the sessions, expo, and general conversations. Seems as though everyone understands what's ahead, and we're all fired up to go do it. As Lee Klarich put it in his keynote, we all generally know what we need to do. The frameworks available are not elusive. Cybersecurity is a solvable problem.
Overall, the RSA Security Conference in 2023 highlighted the continued importance of cybersecurity in an increasingly digital world and emphasized the need for organizations to stay up-to-date with the latest threats and technologies in order to protect themselves, their customers and communities.