Generative AI: Top of mind at the cybersecurity RSA Conference 2023

1. Artificial intelligence

The hottest topic at the RSA Conference in San Francisco this year can be summed up in two words. In two letters, actually: AI.

Artificial intelligence—or more specifically, generative AI—was on everyone’s mind. Although AI and Machine Learning (ML) were the scheduled topic for more than 25 sessions, they quickly became a point of discussion in almost every formal session no matter the topic, and in nearly every conversation at social events. Even Monty Python’s Eric Idle mentioned it in his otherwise cheeky keynote address. 

Worthy of note, there was one place you didn’t hear about generative AI—on the Expo floor. While AI and ML are quickly becoming an integral part of cybersecurity tools, ChatGPT and similar technologies were nowhere to be found in the vendor booths. As Drew Perry, Chief Innovation Officer with Ontinue, said in a conversation, the session talks on AI didn’t trickle down to the Expo floor. The reason is clear: the technology around generative AI is evolving so fast that cybersecurity vendors are moving cautiously. 

Time will tell if generative AI is going to be a major game-changer for cybersecurity, or if it’s just hype. Beyond the positive impacts AI may have, there is more concern around the security threats of it. The vast amount of data AI is producing requires detailed analysis and classification; oversight of either would open up organizations to new threats.

There were also plenty of deepfake videos and pictures shared during the conference—deepfake refers to the use of AI to generate eerily convincing images, audio, and video—and more than one speaker showed examples of false information generated by chatbots. 

2. Taking the ransom out of ransomware

Ransomware is a perennial topic at RSA and other security conferences—but this year, much of the focus was specifically on ransom payment.

One of the biggest revelations from the conference was the role law enforcement can play in data recovery. Ransomware crime gangs are often lazy, and the same toolkits are often reused with little variation. The FBI has the decryption keys for many existing ransomware strains, and it’s possible they can help unlock your data. Many of the session speakers recommended adding a step early in your incident response procedures that involves reaching out to the FBI or other law enforcement organizations to see how they can provide assistance. 

The goal is to refrain from paying the ransom, and that message was repeated often and firmly. 

While there are some situations where it’s unavoidable, a ransomware payment puts you at risk of becoming a repeat target, leads to reputational damage, and could affect future audits. Strategies could include further segregating your most sensitive data or employing more robust redundancy strategies—but the most important action to take is to have cyber defenses and a plan in place before anything happens. 

3. Government initiatives

From new NIST frameworks to executive orders coming from the White House, conference attendees were excited about the government taking tangible action to address cyber threats. Using new legislation and regulations as a jumping-off point, both private and public sectors are discovering the benefits of working together, collaboratively devising strategies to navigate the growing number of regulatory requirements.

Most see these government initiatives as a way to enhance cybersecurity for everyone rather than legislation designed to hinder growth—a marked change from the past.

The biggest takeaway

From the trendy topic of AI, to the age-old topic of ransomware, to the timely topic of new government regulations, RSA’s key themes spanned the breadth of what’s on the industry’s mind. 

Once the booths are broken down and the swag and business cards are packed in suitcases, the fundamental question remains: Are you doing enough to protect your organization?