RSA Conference 2024 Recap: Notable Highlights and Key Learnings

• One of the two significant cybersecurity events of the year, RSA Conference 2024, wrapped up last week.
• More than 40,000 people converged at the Moscone Center to share ideas and data, launch products, and hear multiple viewpoints from the industry that had emerged in the last 12 months.
• Here are Spiceworks News & Insights’ takeaways from RSA Conference 2024.

As expected, RSA Conference 2024 saw cybersecurity bigwigs take the stage to unveil their latest products and service offerings and set the ball rolling for the year’s expectations.

The theme at RSA Conference 2024, The Art of Possible, mainly concerns what companies can do by taking artificial intelligence (AI) and using it to advance the cybersecurity cause, even if the organizers never intended it to be so.

That is, of course, a broad generalization for a conference as big as RSA, where tens of thousands of people converge to share ideas and be exposed to multiple viewpoints from the industry conjured up in the last 12 months.

From stalwarts to startups, approximately 40,000 people from 130 countries in San Francisco will tookake home the insights gained at RSA Conference 2024. Here’s how the RSA cCconferenceonference 2024 shaped up.

RSA Conference 2024 Highlights

RSA Conference 2024 saw over 650 speakers taking on the most pertinent cybersecurity problems across hundreds of speakers, closed off by an Alicia Keys concert delivering her biggest hits.

1. Product upgrades and launches

• Cisco completed its $28 billion acquisition of Splunk in March this year. A couple of months later, the company has something to show for it at RSA Conference 2024, having integrated the latter’s security portfolio and telemetry tools into its extended detection and response (XDR) platform.
• SentinelOne’s Singularity Operations Center sounds like something out of a space movie depicting interstellar travel where humans have cracked the singularity of a black hole. In reality, it may not be as fascinating, but it is a valuable addition for cybersecurity pros seeking a consolidated security management tool for centralized and unified investigations.
• Palo Alto Networks made heads turn when it announced that AI now constitutes “every one” of its products. The company’s AI push is named Precision AI, which is integrated into its portfolio of products and services. It includes generative AI, machine learning, and automation workflows integrated into its portfolio of products and services, including Strata, Prisma Cloud, and Cortex platforms
• Cloudflare rolled out security risk management services before RSA Conference 2024. Cloudflare Ffor Unified Risk Posture. The company’s role in internet security makes it an interesting option for companies’ risk posture enforcement.
• Google launched a unified threat intelligence service at RSA Conference 2024. It encompasses threat intelligence and telemetry data from Mandiant, VirusTotal, and Google.
• AI-SPM by Wiz is intended for securing AI tools in software development. The Cloud Native Application Protection Platforms (CNAPP) is designed to detect (mis)configuration issues that may inadvertently end up exposing data. AI-SPM supports ChatGPT.
• Recorded Future has fortified its security tools with Collective Insights for comprehensive threat analysis and Intelligence Cards as a way for analysts to have the right information at the right time. The threat intel company also introduced AI Conversation for text prompt-based summary generation capabilities.
• CrowdStrike’s Falcon Next-Gen SIEM now features generative AI capabilities through an integration with the company’s Charlotte GenAI assistant. It allows the security information and event management tool to deliver contextual incident summaries. Additionally, Falcon Next-Gen SIEM allows multiple analysts to receive real-time updates from each other while working on an incident.
• Securonix has roped in large language models such as Anthropic Claude 3 to power Unified Defense SIEM capabilities, including insider threat hunting and adaptive threat modeling, in Securonix EON.
• Fortinet’s IoT security platform includes threat hunting and analysis with a generative AI assistant based on FortiAI. The company claims FortiManager is the first AI-based IoT security detection and troubleshooting platform.

See More: Passwordless Authentication: Why Are We Even Using Passwords Anymore?

2. Secure by Design pledge

RSA Conference 2024 marked 68 organizations signing up for the Secure by Design pledge formulated by the Cybersecurity and Infrastructure Security Agency (CISA).

Signed by Microsoft, AWS, Google, IBM, HP Enterprise, Tenable, Trend Micro, Palo Alto Networks, Fortinet, and more, the Secure by Design pledge is a set of seven objectives to achieve next year. These include:

• Increase the use of multi-factor authentication (MFA)
• Reduce default passwords
• Reducing entire classes of vulnerability
• Diligence in applying security patches
• Establish a vulnerability disclosure policy
• CVE reporting transparency
• Enable customers to identify evidence of intrusions

However, the pledge is voluntary and not binding by law, meaning that measures against any shortcomings from the signatories cannot be enforced. Nevertheless, the pledge is a way for CISA director Jen Easterly to highlight the principle of what the government expects in tech and shed what she calls the “dangerous-by-design” in many products.

3. Securing generative AI: What matters now

IBM released its ‘Securing generative AI’ report at RSA Conference 2024, highlighting the neglect with which generative AI development is not getting the appropriate security. 

The company found that just 24% of generative AI projects are being secured. The report sheds light on the emerging threats from AI usage.

New Threats to Generative AI Initiatives

Source: IBM

Another interesting fact from the Securing Generative AI report is that more than 90% of security generative AI capabilities are instituted with the help of third-party products or partners. “Similar to cloud adoption, leaders are looking to partners for comprehensive security support, whether that’s informing and advising about generative AI or augmenting their delivery and support capabilities,” IBM noted.

Generative AI Security Capabilities

Source: IBM

IBM’s report also draws attention to the generative AI threat landscape, offers insights into how organizations leverage the tech and offers an action guide on what organizations ought to do.

See More: Navigating the Threat of QR Codes as a Gateway to Data Theft

4. RSAC Innovation Sandbox 2024 winner

The 2024 RSAC Innovation Sandbox winner is *drumroll* Reality Defender for helping private and government organizations detect deepfakes. Reality Defender is among the ten cybersecurity startups that pitched their products for three minutes at the RSA Conference 2024.

Reality Defender’s importance is evident in a year when more than four billion people in approximately 60 countries will vote. According to the World Economic Forum, misinformation and disinformation-driven propaganda are the most prominent global threats.

Thus, identifying synthetic or artificial text and media (images, video, audio) is a priority for dozens of countries to conduct fair elections by identifying AI-generated media, fraud, and harmful content in real time.

Watch Reality Defender’s pitch to RSA Conference Innovation Sandbox judges here:

Titled the Most Innovative Startup 2024, Reality Defender and other contestants were judged on the following criteria:

• What problem the company is solving
• Who is the company solving the problem for
• How original is the intellectual property
• What is the company’s go-to-market strategy
• Has the market validated the approach

“Deep fakes are the number one financial threat to enterprises,” said Ben Colman, co-founder and CEO. “We look forward to scaling our solution to solve the deep fake problem now, tomorrow, and forever. We appreciate the opportunity to be a part of the RSA Conference Innovation Sandbox contest and showcase our solution to the cybersecurity world.”

What did you take away from the RSA Conference 2024? Share your thoughts with us on LinkedInOpens a new window , XOpens a new window , or FacebookOpens a new window . We’d love to hear from you!

Image source: Shutterstock

MORE ON CYBERSECURITY

• The Future of Critical Infrastructure Cybersecurity Amid Geopolitical Conflict
• How Organizations Can Minimize Risk in Complex Cloud Environments
• 5 Metrics to Help Measure the Success of Security Awareness Programs
• From Vulnerable to Invincible: Leveraging Tokenization To Protect PII