RSA Conference 2024: AI’s impact on cybersecurity
In the 12 months since security practitioners gathered in San Francisco for the 2023 annual RSA Conference, the view of artificial intelligence has expanded. Where AI was once either bad for business or good for improving protection, it has now become a whole new challenge that will require a novel approach.
This was one of the key themes to emerge from four days of coverage as theCUBE, SiliconANGLE Media’s livestreaming studio, interviewed industry executives, government officials and analysts to hear the most recent insights into the future direction of cybersecurity. Widespread adoption of AI is causing a fundamental shift in the security mindset as organizations realize the need for internal security protections and a deeper understanding of AI’s role.
“We have to deal with the prompt security and all these sorts of things which people don’t normally have a clue about,” said David Linthicum (pictured, right), principal analyst at theCUBE Research, during the keynote analysis on the conference’s second day. “We’re normally encrypting, we’re protecting, we’re building firewalls around things when something can be attacked from within. It has to have internal security. I think people are looking to transform their thinking.” (* Disclosure below.)
Here’s theCUBE’s complete keynote analysis from David Linthicum, who was joined by Shelly Kramer (pictured, left), managing director and principal analyst at theCUBE Research:
Here are three key insights you might have missed during the event:
1. RSA Conference offered evidence that AI is being used by both attackers and defenders.
There is a growing body of evidence that AI is becoming more widely used by malicious actors. Presentations by industry speakers and government officials during the conference highlighted use of AI by nation states and cybercriminals to improve social engineering attacks and scan systems for vulnerabilities.
“You’re going to ask ChatGPT and say, ‘Tell me all the VPN systems this company has and what vulnerabilities do they have,’” said Jay Chaudhry, founder and chief executive officer of Zscaler Inc., in an interview with theCUBE. “It would’ve taken them days to collect this information. Now it’s available in a matter of seconds. So, identifying your attack surface, the starting point of attack becomes easy.”
Here’s theCUBE’s complete video interview with Jay Chaudhry:
AI’s use by malicious actors is leading enterprises to deploy AI as a defense against more sophisticated attacks. One solution, as exemplified by new technology released last month by Cisco Systems Inc., is to create an AI-native platform that can automatically detect malware traversing through the enterprise environment.
“Rather than going out and having AI being thought of as an afterthought and a bolt-on, we built AI from the ground up in this term that we call AI-native,” according to Jeetu Patel, executive vice president and general manager of security and collaboration at Cisco, during an appearance on theCUBE. “That means when we thought about a defense through all these problems, we said, ‘Let’s make sure that AI is baked in.’”
Here’s theCUBE’s complete video interview with Jeetu Patel:
Companies are also developing new solutions to implement security defenses against AI threats earlier in the software development lifecycle. This is proving to be a particular necessity in application security.
“I think the reality is that the only way to truly solve application security is by shifting it left or moving it earlier in that software development life cycle,” said Peter McKay, chief executive officer of Snyk Ltd., in conversation with theCUBE. “You don’t want developers to slow down, and you don’t expect developers to be security experts. You need to embed security in, behind the scenes, allowing developers to continue to develop fast. The risks have never been greater to do that.”
Here’s theCUBE’s complete video interview with Peter McKay, who was joined by Danny Allan, chief technology officer of Snyk:
2. Regulatory activity is heating up in the cybersecurity world.
This year’s RSA gathering featured plenty of news and discussion around regulation and governance. During the conference, 68 tech firms, including AWS, Google, Cisco, Microsoft and IBM, signed a “Secure by Design” pledge that is being led by the U.S. Cybersecurity and Infrastructure Agency. By signing the pledge, companies agree to work toward achieving seven security goals over the course of a year.
“It’s a non-regulatory solution that allows you to say ‘I can drive progress,’” said Jim Richberg, head of cyber policy, global field chief information security officer of Fortinet Inc., during an interview with theCUBE. “You’re supposed to report, publicly, how you’ve done on implementation. And the pledge has got straightforward goals. [It’s] not telling any company that signed the pledge, ‘You have to do it this way.’”
Here’s theCUBE’s complete video interview with Jim Richberg, who was joined by Suzanne Spaulding, former Undersecretary at the Department of Homeland Security and Fortinet team member:
Several executives interviewed by theCUBE took note of increased regulatory pressure in both the U.S. and Europe. This includes Europe’s NIS2, which goes into effect in October and expands the scope of previous cybersecurity mandates for corporations, and DORA, an EU regulation on digital operational resilience that all firms must meet beginning in January.
“In Europe, we’ve seen NIS2 and DORA now coming out. We’ve seen GDPR influence other privacy regulations,” said Sam Curry, global vice president and chief information security officer of Zscaler, in conversation with theCUBE. “We’ve seen the Securities and Exchange Commission in 2023 take some new steps, and everyone’s sort of, where’s this headed? We’ll see where that actually plays out.”
Here’s theCUBE’s complete video interview with Sam Curry:
An uptick in cyber-related regulatory activity is creating an ecosystem of organizations designed to assist with building governance and compliance platforms. This is becoming even more critical as AI adoption continues to grow, according to Amit Elazari, co-founder and chief executive officer of Open Policy.
“If you’re a CISO that is not looking into AI governance, you might be left behind,” said Elazari, during an appearance on theCUBE. “This regulatory mesh between the requirements of cyber, privacy and AI and regulators doubling down on attestations, on measurements or artifacts of compliance is creating a big opportunity for governance companies.”
Here’s theCUBE’s complete video interview with Amit Elazari:
3. Acquisitions and alliances make an impact as companies seek to leverage AI for data protection.
The overall theme for this year’s RSA Conference was “The Art of Possible,” yet it could just as easily have been “Better Together.” Acquisitions and alliances continue to shape the narrative for many companies in the cybersecurity arena.
When Snyk acquired DeepCode Inc., a provider of real-time semantic code analysis powered by AI, it did not seem like a significant move at the time. The landscape has since changed, with AI and machine learning being used to address security challenges across the globe.
“DeepCode is probably one of the most significant [acquisitions],” said Danny Allan, chief technology officer of Snyk, during his interview with theCUBE. “DeepCode was interesting because it brought them into the SaaS-static application security testing in a very meaningful way. If you look at the way they do static application security testing, they’re using symbolic regression testing to find the vulnerabilities within the code — and we continue to iterate on that.”
Here’s theCUBE’s complete video interview with Danny Allan, who was joined by Peter McKay, CEO of Snyk:
Another acquisition attracting attention was CrowdStrike Inc.’s purchase of the cloud log management and observability company Humio Inc. in 2021. CrowdStrike announced new products based on Humio’s technology a year later, rebranded as Falcon LogScale. CrowdStrike followed that in 2023 with the acquisition of Bionic.ai to further bolster its Falcon platform offerings and strengthen security at the endpoint.
“We’re just seeing this next wave of consolidation in security,” explained Elia Zaitsev, chief technology officer of CrowdStrike, in his conversation with theCUBE. “I mean, I think we kind of kicked it off 10 years ago with the endpoint wars, if you will. I think we won that one pretty handily, getting rid of legacy AV and a lot of the other point solutions on the endpoint.”
Here’s theCUBE’s complete video interview with Elia Zaitsev:
Cribl Inc. announced an alliance this month with Microsoft Corp. designed to facilitate the use of Cribl’s security products on the Azure cloud platform. This latest alliance underscored interest among firms like Cribl in pursuing data-centric solutions within the cybersecurity world.
“All security and IT comes down to data,” said Abby Strong, chief market officer of Cribl, in her appearance on theCUBE. “We want to be the experts in that type of data and then let the experts in security build the solutions that are doing those detections and responses.”
Here’s theCUBE’s complete video interview with Abby Strong:
To watch more of theCUBE’s coverage of RSA Conference 2024, here’s our complete event video playlist:
https://www.youtube.com/watch?v=videoseries
(* Disclosure: TheCUBE is a paid media partner for the RSA Conference. Neither RSA Conference LLC, the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Photo: SiliconANGLE