The main theme of 2023 RSAC is “Stronger Together.” It involves creating a cohesive front that leverages diverse knowledge to combat cyber threats.
The 2023 RSA Conference, or simply RSAC, took place at the end of this April in San Francisco. The event brought together cybersecurity experts and thought leaders from across the globe to facilitate conversations about current and future concerns, ideas, and solutions that will help individuals and organizations better protect data.
This year, the RSAC presentations were united across the central theme, Stronger Together, highlighting the importance of collaboration in cybersecurity. Stronger Together means more than just working together. It involves creating a cohesive front that leverages every team member’s diverse knowledge and experience to combat cyber threats.
2023 RSAC featured speakers from CISA, government, and industry partners, whose presentations covered advanced threats, fraud prevention, cloud security, cybersecurity legislation, AI, and more.
Here are a few RSAC takeaways for businesses and investors to consider.
Among the major topics of RSAC talks was the White House’s National Cybersecurity Strategy, published in March 2023. Participants discussed measures proposed by the Strategy, such as new regulations to establish baseline cybersecurity standards and active public-private collaboration in cybersecurity defense. Private enterprises noted the Strategy outlines plans to transfer responsibility for cybersecurity from end-users to product and service providers. While this liability shift is still in its early stages, businesses are close to being held accountable for not taking reasonable security precautions as never before. Companies would no longer rely on broad liability disclaimers in end-user agreements if they sell products with vulnerabilities. It was also highlighted that the Strategy considers providing “safe harbors” for companies that follow cybersecurity best practices, recognizing that these practices will evolve.
More about the 2023 National Cybersecurity Strategy read in our blog post, 2023 National Cybersecurity Strategy Review.
Almost all technology talks today have featured the impact of Artificial Intelligence and Machine Learning AI/ML. Given the breakthrough AI and ML technologies brought to nearly all industries, it’s justifiable. Entrepreneurs at the RSAC discussed with developers and investors whether AI could and should be integrated into their products. Many executives noted that AI/ML is not new in cybersecurity threat detection and response. Therefore, AI/ML tools would rapidly become essential for responding to queries across the software stack and managing incidents. Many argued that the noise around AI/ML is nothing more than a distraction from the legacy threat detection and prevention methods. On balance, many argue AI benefits both the attackers and defenders. Threat actors are using AI to execute convincing social engineering attacks faster and more widely than ever, while CISOs are optimistic that AI will be a force multiplier for their teams’ prevention, detection, and response efforts.
The increasing complexity of the cybersecurity landscape, the proliferation of point solutions, and their impact on users were popular topics of the RSA talks. The participants emphasized the importance of collaboration among cybersecurity solutions. The main idea is that a sheer number of point solutions that do not communicate with each other makes it difficult for even the most advanced users to manage. This complexity can create unintentional gaps in coverage and poses a security risk. Investors prefer platforms to point solutions. However, they recognize that platforms can be challenging for early-stage startups to sell or build from scratch. Investors and buyers showed interest in startups that offer solutions with a dedicated customer base. This was provided that the startups developed the solution with integration and expansion in mind to eventually transform it into an actual platform offering within a few years.
Finally, many cybersecurity experts expressed concern that current cybersecurity solutions are too complex and resource-intense to manage effectively. Speakers highlighted a talent shortage in cybersecurity. They admitted that few organizations possess the necessary expertise or resources to deploy, maintain, and monitor disparate cybersecurity products. There are also issues with the organizations’ possibility to afford a professional CISO and dedicated engineering teams. Threat actors increasingly target under-resourced and vulnerable partners and suppliers to infiltrate an otherwise well-secured target. To improve overall security in our digital and interconnected world, it will be crucial for startups to develop and for investors to support solutions that make advanced cybersecurity accessible to non-experts and less resource-intensive for smaller businesses and everyday users to deploy.
Discover more exciting topics with our blog, and feel free to contact the Planet 9 team if you have any questions. We’ll be happy to assist!