With the theme of “Stronger Together,” this year’s RSA Conference was a testament to the strength of the cybersecurity community and how we must all come together to fight cybercrime. No one company is the be-all-end-all when it comes to protecting enterprises and consumers from cyberattacks, so it was inspiring to see so many vendors, practitioners, and leaders out in full force to learn about the newest innovations in the industry. We were also excited to see attendance back to pre-pandemic levels, with unmatched networking and conversations on the expo floor, in the keynotes and speaking sessions, and at gatherings around town.
Now that we’ve all returned to our regularly scheduled lives following RSAC, we can’t help but reflect on the hot topics that dominated our conversations at the event. Here are some of the key takeaways Team SpyCloud took from RSAC this year:
AI in Cybersecurity – The Good, The Bad, and The Ugly
As advancements in AI evolve rapidly, we heard a lot about how it’s being used in cybersecurity, chiefly to create malware. The threat of malware is real, as evidenced in SpyCloud’s 2023 Identity Exposure Report, our annual analysis of dark web data where this year we found an increased prevalence of malware-exfiltrated data available on the darknet and showcased how this information can be used to launch cyberattacks on organizations of any size or industry. While the OpenAI policy clearly bans the use of the tool to generate malware, chatter within criminal forums indicates bad actors are (not surprisingly) ignoring that guidance and using tools like ChatGPT to create infostealer malware. When you consider the ease with which malware code can be developed using AI, the threat has the potential to increase significantly.
However, on the flip side, AI can also be used for good with its ability to increase the effectiveness of threat detection. In RSA’s blog on The Convergence of AI and Cybersecurity: The Inescapable Buzz of RSAC 2023, they discuss the potential for AI to help identify and neutralize threats, as well as the ability to analyze large amounts of data to glean actionable insights to improve security practices.
Supply Chain and Third-Party Risk Remains Top of Mind
Risks associated with supply chain and third parties was another topic that came up time and again at the conference. That doesn’t surprise us, though, with supply chain attacks like the 3XC supply chain attack in March continuing to impact organizations and our 2022 Ransomware Defense Report revealing that third-party risk is the #1 factor impacting upcoming security investments.
Vendor risk management can be a challenge for enterprises since their systems and devices typically fall outside the purview of security teams. With attacks like the one perpetrated on SolarWinds resulting from compromised credentials, ensuring the integrity of vendor security is more important than ever. It is necessary to close third-party exposure gaps, staying vigilant about credential exposures, establishing robust vendor security risk assessments, and getting visibility into vendors’ and contractors’ malware-infected devices that may be accessing your network and applications and prioritizing these exposures for proper post-infection remediation.
Cybersecurity is a Serious Concern for Government Agencies – and Rightfully So
We’ve said it before and we’ll say it again: no industry is immune to cyberattacks, and government agencies are no exception. Case in point: just this week a critical U.S. Marshals Service computer system was back online after a 10-week disruption resulting from a ransomware attack. And as government agencies partner with both large and small businesses on contracts, preventing cyberattacks on government supply chains is a critical challenge facing the public sector, with recent SpyCloud research showing that 4.5 million credentials for corporate accounts at the 95 largest companies in the Defense Industrial Base (DIB) are exposed to cybercriminals.
With regulatory changes forthcoming and headlines constantly announcing attacks on federal, state, and local agencies, cyberthreats are something governments at every level must stay ahead of.
RSAC 2023 reiterated that point with several sessions featuring government speakers and the presence of public sector leaders at the event. With sessions like Ransomware: From the Boardroom to the Situation Room and Cybersecurity and Military Defense in an Increasingly Digital World to speakers including Lisa Monaco, U.S. Deputy Attorney General, and appearances by San Francisco Mayor London Breed and General Paul Nakasone, Commander, U.S. Cyber Command and Director, National Security Agency/Chief, Central Security Service, the public sector was well represented at the conference.
The Path Forward for Cybersecurity
Walking around the event showed how diverse, complex, and nuanced the security space is. Our team had discussions around how ripping and replacing tools isn’t the move; rather, it is about augmenting, or in some cases convergence. And that topic was addressed in a keynote by Lee Klarich, chief product officer at Palo Alto Networks.
In his keynote address, Klarich discussed how security can be a “winnable battle” despite obstacles that remain. For example, the onslaught of security point products can create a patchwork approach to cyberattacks that may actually be stunting organizations’ ability to prevent cyberattacks. Ideally, technology advancements that “allow security architectures to collect and use the best possible data to thwart attacks and bolster defense via natively integrated platform abilities” will help enterprises achieve security goals.
To that point, integration is something we at SpyCloud are cognizant of for our customers to ensure that our solutions enable enterprises to leverage their existing tech stacks to centralize data and take action to reduce the risk of critical cyberthreats. We offer out-of-the-box integrations with popular SIEM, SOAR, XDR, TIPs, and more – delivering actionable Cybercrime Analytics at scale.
ICYMI: Check Your Darknet Exposure
We’d be remiss if we didn’t mention our own presence at RSAC. SpyCloud’s booth was bustling with our main attraction: our Check Your Exposure tool. It delivers a free personalized report of your company’s darknet exposure, including data on malware-infected users, breached credentials, stolen web session cookies, password reuse, and so much more. With these insights, you can take action to protect your organization by building better security practices and automating remediation of compromised passwords and session cookies that bad actors use to gain illegitimate access to your network to launch malicious attacks, from account takeover and ransomware to online fraud.
Final Thoughts
While RSAC 2023 may be over, the post-event buzz continues. In an industry full of innovative players, disrupting cybercrime and protecting enterprises and consumers from cyberthreats is something we can all get behind. As bad actors use stolen information to find innovative ways to gain access to organizations, it will take us all being “Stronger Together” to get ahead of threats. We know we’re not the only ones already planning for next year’s event, and in the meantime we’re looking forward to developing new ways to fight cybercriminals and make the internet a safer place.