RSA has been a hot topic with clients since the 2023 show ended, and for good reason. After four days, 2,400 sessions and 600+ exhibitors — if nothing else, one thing was clear coming out of it – the cybersecurity community showed up in numbers, as well as across a broad range of focuses, suggesting the collective is starting to look beyond COVID-19 that previously hampered the volume and creativity of solutions, sessions and announcements of shows’ past.
This year the show was centered around some familiar topics, as well as some newer ones. While the usual suspects like ransomware made a cameo, there were far less ransomware focused sessions and keynotes than in years past. Nevertheless, ransomware remained front and center at this year’s show around the shift to PaaS, growth of credential theft techniques, and ransomware being used as nothing more than a smokescreen for other attacks.
Two new themes emerged that we can expect to see more of at RSA 2024.
Threat techniques are being used in new environments. While not a new concept necessarily, the emerging environments where said vulnerabilities exist broaden the threat landscape to new heights. Tools and landscapes like the Metaverse and ChatGPT open unprecedented new doors for the impacts of cyber attacks.
We’ll continue to see a focus on behaviors that motivate attackers — from financial gain through businesses targeted with ransomware, easily accessible personal data, workplace frustrations and more. Getting inside the mind of adversaries through an interpersonal lens is an essential next phase in how vendors are mapping out cyber combat strategies.
For now, the frontrunner conversations on this year’s RSA battleground were clear.
This shouldn’t come as a surprise seeing as over the past few years, AI has been responsible for upending the largest segments of cybersecurity technology (and, in fact, was the hottest coverage driver for RSA 2022). What is different is the ubiquity of AI integration into solutions. Not only was this topic part of every single session — generative AI dominated media headlines overshadowing almost every other category. While cloud was another category receiving traction, even still, it was only within the context of AI. Most cloud announcements unrelated to AI were passed over and only included in large product roundups across media coverage.
The looming threat of Russia and China toward U.S. cybersecurity drove panel discussions and media conversations alike. Coupled with acknowledgement of the U.S. government’s counterefforts for national security with a notable focus on proactive measures necessary to combat cybersecurity, including private/government partnerships.
There was a lot of discussion around the industry need to consolidate to reduce the number of security tools and suppliers in the market. Cheryl Knight with Silicon Angle summed it up nicely, “The market is ripe for a shift that streamlines and simplifies security solutions, but it remains to be seen who will emerge as the dominant player in this evolving landscape.”
The dark horse of RSA (in my opinion), quantum showed up across mainstream media headlines. Interestingly enough, this theme has been dismissed in prior years as an overrated threat to encryption, despite pre-RSA conversations covering the rising threat QC poses to organizational cybersecurity.
Ransomware isn’t going anywhere as long as the threat landscape continues to find more sophisticated means of attack, generative AI will continue to be a dominant player in cyber, and the industry will need to consolidate.