You don’t need to be a security practitioner to know that the threat landscape is becoming more complex. The bad actors are growing more sophisticated – and data theft is now increasingly happening through account impersonation – not just malware.
Phishing is also on the rise – with ongoing campaigns like Oktapus compromising more than 10,000 accounts at 130 companies. In fact, 2022 had the highest percentage of mobile phishing encounter rates ever, with an average of more than 30% of personal and enterprise users exposed to these attacks every quarter.
What’s more, government authorities worldwide are advising heightened caution in light of ChatGPT and AI tools’ role in social engineering and other malicious activity.
That’s why this year’s RSA Conference, held for four days last week at San Francisco’s Moscone Center, was such an important opportunity for IT and security leaders to come together and share solutions for simplifying the complexity of this new threat landscape and offer guidance to help stay ahead of threats and mitigate risk to better protect people – and their data.
In fact, this year’s theme was Stronger Together, highlighting the importance of collaboration in cybersecurity.
Here are some of my key takeaways from attending this year’s RSA – and why Stronger Together is a requirement in today’s security landscape:
- AI is changing the game for cybersecurity. This year’s RSA was very heavy on AI, with dozens of sessions touching on the intersection of AI and cybersecurity and exploring the potential benefits and challenges of the application of AI in detecting and combating cybercrime. Vendors like Cisco, Forcepoint, ReliaQuest, Abnormal Security, BigID and Next DLP were among the dozens of companies unveiling new products with AI-based features and tools designed to improve threat detection and provide a more effective response compared to traditional security systems. The underlying question is: can the good guys harness the power of AI faster than the bad guys? As RSA’s CEO Rohit Ghai cautioned during his opening keynote: “AI will cause us humans to be totally confused about our role in this world.”
- Cloud adoption is driving innovation in cloud security. Google Cloud CISO Phil Venables was among the industry thought leaders who made the case at RSA 2023 that a well-configured cloud can be more secure than traditional on-premises environments – and that increased competition among cloud providers and economies of scale are improving security for all – and even democratizing the path to becoming a security expert. On the RSA show floor, vendors scrambled to reveal new cloud security capabilities and features. Paladin Cloud, for example, rolled out a new SaaS cloud security platform to help enterprises keep track of their cyber assets and security controls more effectively and reduce exposure to vulnerabilities and threats.
- Sharing and operationalizing threat intelligence is paramount. In a climate of accelerating cyber risk, information sharing is critical. In a new report from MeriTalk and RSA unveiled on Public Sector Day, 100% of public sector and 96% of private sector leaders said they benefited from shared cybersecurity intelligence, including educating staff on a threat (50%), proactively responding to a threat (47%) and fine-tuning overall cybersecurity posture (45%). However, 71% admitted their organization underutilizes relationships for sharing and acting on intelligence. There is enormous opportunity for security practitioners to prioritize deep collaboration and form partnerships to collect and share good threat intelligence to truly be Stronger Together.