Highlights from RSA Conference 2024: Must-Watch Talks

Couldn’t make it to the RSA Conference 2024 in San Francisco? We’ve got you covered. Here are some of the top talks you missed, along with an exclusive on-demand webinar featuring our CTO, Luis Rodriguez, who breaks down the most critical insights from this year’s conference.

Previous conferences showed an incremental landscape, with emerging threats, practices, techniques, and tools. The adjectives “transformational” and “disruptive” were seldom used, and mostly for hype. This year, however, most lectures agreed that we are witnessing a huge change in cybersecurity. Are we witnessing a quantum leap, a radical and disruptive transformation in how we secure our digital world and face its threats? We live in the most complex threat landscape in history, driven by cybercrime.

Many keynotes and panels focused on AI (from all viewpoints), the power of community, new regulations aiming to improve the security posture of the public and private sectors, and the changes that open source, built on implicit trust, needs to embrace.

The following summarizes some captivating keynotes at RSAC 2024:

1. The Power of Community

Speaker: Hugh Thompson, Executive Chairman, RSA Conference

Hugh Thompson kicked off the RSA Conference 2024 by emphasizing the theme “The Art of Possible,” urging attendees to recognize the power of community in overcoming cybersecurity challenges. He highlighted three major trends: the resurgence of burnout due to increasing pressures, the pervasive integration of AI across cybersecurity disciplines, and the evolving nuances in risk management. Thompson encouraged attendees to explore diverse sessions, network with new people, and remain open to new ideas to tackle these challenges effectively.

Key Highlights:

  • Theme: The Art of Possible: Emphasizes the strength of community, urging attendees to “never underestimate what is possible by our adversaries.”
  • Major Trends:
    • Burnout: Increasing in 2024 due to ransomware, liability, and reporting pressures.
    • AI Integration: AI is now pervasive across all sub-disciplines of cybersecurity.
    • Risk Management Nuances: Evolving practices often lead to a false sense of security.

Thompson’s Advice:

  • Attend diverse sessions to gain new insights.
  • Network with at least three new people and engage with curiosity.
  • Stay open to new ideas and opinions.

2. The State of Cybersecurity – Year in Review at the RSA Conference 2024 

Speaker: Kevin Mandia, CEO of Mandiant, Google Cloud.

Kevin Mandia’s talk provided a comprehensive review of the current cybersecurity landscape, noting minimal repercussions for threat actors and the evolution of ransomware tactics to include extortion and harassment. He emphasized the increasing involvement of company boards in cybersecurity due to regulatory pressures. 

Key Takeaways:

  • Few Risks for Threat Actors: Minimal repercussions for cybercriminals have led to increased offensive innovations.
  • Ransomware Evolution: Pure encryption-type ransomware evolved heavily into data theft and extortion (getting the ransom paid is the goal for sure).
  • Board Engagement: Increased regulatory requirements have heightened board involvement in cybersecurity. Last year was the best-ever in partnership between the government and the private sector.

Major Trends:

  • Accelerated innovation in offense: from spear phishing to exploitation, with zero-days in network appliances as a hot topic. 
  • Some positive news: Dwell time reduction, improved awareness, and resilience against ransomware.

Recommendations:

  • “Secure by design” is a good initiative, as it moves liability to the sources. Software vendors should be liable for the vulnerabilities and exposures they create and for the weaknesses in software infrastructures.
  • The Cyber Safety Review Board in the US issued a report with 23 security recommendations for cloud providers that serve the government. Keep an eye on such recommendations, as they might impact your cloud security posture.

3. The Time is Now: Redefining Security in the Age of AI

Speaker: Jeetu Patel, Executive Vice President and General Manager, Security and Collaboration, Cisco

Jeetu Patel discussed the transformative impact of AI on cybersecurity at the RSA Conference 2024, highlighting a shift from scarcity to abundance by significantly augmenting human capacity. He explained the need for evolving data centers to support AI workloads and outlined major security challenges, including segmentation, patching, and updating dated infrastructure. Patel emphasized the importance of integrating AI natively into core infrastructure, utilizing kernel-level visibility, and leveraging hardware acceleration to enhance threat detection and response, predicting a future with self-managing security systems.

Key Highlights:

  • Transformation in Cybersecurity: AI is significantly augmenting human capacity, moving from scarcity to abundance.
  • Evolving Data Centers: These will need to expand to support AI workloads, leading to a complete reimagining of facilities.
  • Security Challenges: Segmentation is hard, as containing attackers in a distributed environment is challenging. Patching is hard because the gap between vulnerability announcements and patching creates critical exposure. And updating is hard: dated critical infrastructure makes timely updates difficult.

Key Technological Shifts:

  • AI Integration: AI must be natively integrated into the core infrastructure.
  • Kernel-Level Visibility: Tools like eBPF provide deep visibility for detecting anomalies.
  • Hardware Acceleration: DPUs and GPUs enhance the speed and efficiency of threat detection and response.

4. The Five Most Dangerous New Attack Techniques You Need to Know About

Speakers: Ed Skoudis, President, SANS Technology Institute College; Heather Mahalik Barnhart, DFIR Curriculum Lead, SANS Institute & Cellebrite; Stephen Sims, Offensive Operations Curriculum Lead and Fellow, SANS Institute; Johannes Ullrich, Dean of Research, SANS Technology Institute College; Terrace Williams, SANS Certified Instructor/Security Engineer II, SANS Institute and AWS.

SANS is celebrating its 35-year anniversary and is a strong actor in our industry. This is a regular panel, always built around a top 5, with each threat given a concise five-minute exposition.

Which 5 threats? 

  • AI-powered child sextortion.
  • GenAI’s impact on 2024 U.S. election security.
  • Rise of AI hyper-accelerated exploitation lifecycles.
  • The security cost of technical debt.
  • Verifying identity in the age of AI deep fakes.

AI as the new tool for adversaries was expected, but the more mundane security cost of technical debt captured our attention. Outdated or poor-quality code can jeopardize security, a problem aggravated by the retirement of skilled developers and by corporate mergers. Code reviews and incremental upgrades are effective measures for correcting technical debt and the latent security issues that come with it, perhaps with the help of AI-assisted transcription of old code.

5. The Evolving Role of CISOs

Speakers: Bryan Palma, Chief Executive Officer, Trellix, and Harold Rivas, Chief Information Security Officer, Trellix.

“CISO Confidential: What Separates The Best From The Rest” examined the CISO role, one of the most difficult in any company. The role is only 30 years old and evolving rapidly, with a large imbalance between resources and impact. The role is now more about “Cyber Titans”, on two planes: the battlefields of the future, with evolving threats, and the additional skills necessary for success.

The talk explored three roles a CISO must play. As an Architect, the CISO needs deep domain knowledge, technology skills, and the ability to fuse business and technology priorities. As an Operator, the CISO speaks the language of the business (business operations, revenue sources, industry norms) and knows the land and what is happening in the world: international affairs, global politics, conflicts, and elections. As a Connector (the most important role), the CISO is an independent yet credible member of the executive team. A CISO needs to effectively communicate the story of risk to the outside and the inside: regulators, policymakers, customers, other CISOs (community and sharing!), and the board and the organization’s teams, for high-level advice.

“Legal Eagles & CISOs” explored the partnership between legal and information security officers. To navigate the regulatory sea and understand the intricacies of the regulatory framework, experienced legal professionals are the best guidance. In the EU we are busy with compliance, and acronyms like NIS2 and DORA are the bread and butter of CISOs.

If You Missed RSA Conference 2024, Don’t Miss Our Webinar!

Webinar: Cybersecurity Trends from RSA Conference 2024

If you missed the RSA Conference 2024 and want to learn more about what happened directly in San Francisco, don’t miss our exclusive on-demand webinar. Join our CTO, Luis Rodriguez, as he dives deep into the key insights and strategies discussed at the conference. This on-demand webinar offers:

  • Expert Analysis: Detailed breakdown of key takeaways.
  • Cutting-Edge Trends: From technical updates to regulatory changes.
  • Real-Time Engagement: Interactive Q&A to get the most out of the session.
  • Community Connection: Network with colleagues committed to staying at the forefront of cybersecurity.
