The annual RSA Conference bills itself as “Where the World Talks Security,” bringing together a huge cross-section of the cybersecurity community along with some of the biggest, brightest, and boldest voices in the industry. Each year the conference is a prime opportunity to “take the temperature” of the cybersecurity world, discover innovative concepts and emerging threats, and make connections that catalyze new partnerships, products, and services.
This year was no exception.
Senior leadership from NopalCyber attended the 2024 RSA conference, held in San Francisco in early May, to learn as much as possible from as many people as possible. We went there seeking perspectives that would challenge our own thinking (and our whole team’s), plus ideas that could empower our business and the security we offer.
The conference did not disappoint.
We’ve spent some time since the event formulating our biggest takeaways from the conference. Based on what we saw and heard, here’s what we think are the most interesting, important, or urgent conversations happening in cybersecurity right now.
AI – Cuts Both Ways
We visited too many booths, panel discussions, and networking events to count, but at the majority of places we went the subject of artificial intelligence (AI) came up eventually. Many are optimistic, pointing to how AI, particularly generative AI, can improve the productivity of cyber analysts and give them the boost they need to keep pace with an ever-evolving threat environment. From Microsoft’s CoPilot for Security to SentinelOne’s Purple AI, vendors are rapidly integrating AI into their security products. But attackers are doing the same, and the many threats of AI in the wrong hands are real and happening already and are likely to get worse. This may be the first RSA where AI dominated the conversation—but it won’t be the last.
Securing SMBs
Another conversation that came up again and again was the plight of small and midsize businesses in the current climate. Ransomware and other opportunistic attacks have increasingly targeted SMBs because they’re easier to breach than large enterprises, and these attacks increasingly make repeated extortion demands by threatening to release stolen data. Cyber attacks are getting very expensive and disruptive in the SMB space. Yet most security products are too complex and financially out of reach, and many MSSPs are underwhelming with their offerings, leaving smaller organizations without good options for security products and services. We heard many people express a want and need for better options to secure small and midsize businesses.
ASM Everywhere
Attack surface management (ASM) was a topic that came up with multiple exhibitors and panel speakers. It has been a hot topic ever since the pandemic. Now that many of the changes brought about by the pandemic look permanent, from hybrid offices to cloud-first tech stacks, the attack surface has become more important than ever, which was apparent at RSA. A common refrain was the need for proactive rather than reactive security to stop attacks before they start. However, the challenge of assessing and managing a fast-growing attack surface came up just as often. The need for ASM is widely understood. What the people we spoke to are still searching for is the right solution.
Encryption Evolving
It wouldn’t be a cybersecurity conference without something to stoke fear, uncertainty, and doubt (FUD), and this year the threat of quantum computing to cryptographic encryption seemed to grab everyone’s attention. Several well-attended panel discussions featured encryption experts. And while they were somewhat reassuring, emphasizing that quantum technology still isn’t advanced enough to break current algorithms, it isn’t far away, either. That sentiment came up again in discussions about a paper by Chinese researchers who claimed to have cracked the lattice cryptography used widely in cryptocurrency. Ultimately, their research was shown to be flawed, but it nonetheless reveals the growing inadequacy of encryption as we know it.
NopalCyber – Cybersecurity for All
After spending several days at the center of the cybersecurity community, it was clear to see where NopalCyber fits in and what gaps our security solutions fill in the current market.
Our proprietary technology uses automation for greater speed and scale, making the cutting-edge accessible to anyone. We offer bespoke services and comprehensive cybersecurity solutions that equip any company, even small and midsize ones, with enterprise-class defenses. ASM is easy for our clients because we find the exposures and reveal the fixes. And by combining offense and defense into a complete cybersecurity solution, we keep attackers further away from encrypted data.
We may be biased, but so many of the problems, questions, and issues we heard about at RSA could have been solved by NopalCyber. Could yours? Contact us to explore the answer.