RSA Conference Key Takeaways - Aus3C CEO
24 May 2024 - Matt Salier
A week has passed since I returned from my first #RSAC2024, and after finding my way through my backlog, I've wanted to take the chance to reflect on the event. Here are my top six takeaways:
AI is Everywhere, But Focus on Practical Applications AI was a major theme, with most vendors integrating it into their offerings, primarily through large language models (LLMs). While there were impressive use cases, experts emphasized the need to find security solutions that leverage AI effectively for tasks like threat detection and response, rather than just following the hype. And there was certainly a lot of hype!
Consolidation Shaping the Industry Post-RSAC mergers and acquisitions were notable, with Palo Alto Networks acquiring QRadar and Exabeam merging with LogRhythm. Microsoft's bundled solutions have captured over 10% market share, prompting pure-play vendors to create comprehensive platforms. Wiz’s $1 billion capital raise from SoftBank, valuing the company at $13 billion, suggests it could be the next big player in the market. And you couldn’t escape Cisco’s acquisition or Splunk with the newly combined offerings (having only had 6 weeks since finalising the deal) and their marketing seeming to blanket San Francisco. There are some exciting prospects in all of these consolidations, but also some risks. The term "platform" now often reflects a commercial strategy rather than a product offering.
Burnout: A Growing Concern The relentless pace of cybersecurity work is taking its toll. The increasing volume, velocity, and variety of cyber threats make it difficult for professionals to keep up. AI/ LLMs and cloud/ SaaS protection vendors like Wiz and Vanta are crucial in addressing this issue, although SIEMs remain relevant. The pressing question is how to develop tools that help professionals manage the overwhelming challenges in cybersecurity. I see this across our membership and would welcome your thoughts on this key issue.
Collaboration is Key The conference emphasized the importance of collaboration between security professionals, organizations, and even governments to combat evolving cyber threats. Shared intelligence and cooperative strategies are essential to enhance overall cybersecurity resilience. We are modelling this with our approach to Locked Shields and the Australian Insider Risk Centre of Excellence and opportunity exists to do more.
Early Threat Identification is Crucial Early detection of threats is critical to minimizing damage. Security tools and processes should be geared towards identifying threats before they can be fully exploited. Proactive measures and advanced threat detection technologies are vital in this regard.
Supply Chain Threats are Growing A significant increase in data breaches linked to weaknesses in supplier security highlights the need for secure collaboration with third-party vendors. Organizations must prioritize the security of their supply chains to mitigate these growing risks. Defence here in Australia are keenly aware of this but the pace of this being addressed is presently too slow.
Overall, RSAC2024 was a terrific experience. I enjoyed insightful discussions with industry peers and many of Aus3C's international partners, networked extensively, and gained valuable insights into the industry's trajectory and welcomed the chance to connect with our many members on the ground at the conference.
The lingering question is: how can we build tools that enable people and their organisations to stay on top of the immense challenges in cybersecurity?