Like a persistent piece of malware that your antivirus product just can’t seem to eradicate, the annual RSA cybersecurity conference was back with a vengeance this year. But while the malware example is inherently malicious, the industry event seemed to be bustling with goodwill and a positive message for the cybersecurity industry, starting with its theme for the year: “Stronger together.”
Similar to many in-person industry events, RSA languished during the height of the pandemic, turning to online-only attendance as Covid raged. But from April 24 to 27, San Francisco’s Moscone conference complex again reigned as the center of the cybersecurity universe. The sponsoring organization reported that this year’s conclave — its 32nd annual event — “attracted over 40,000 attendees, including 650+ speakers, 500+ exhibitors, and 500+ members of the media.”
Distinguished speakers abounded at this year’s event, including current and former elected and appointed officials from numerous foreign and domestic government agencies, as well as highly respected academics and researchers and representatives from dozens of commercial and nonprofit security organizations.
There were even a few celebrity guests on hand, including comedian and actor Eric Idle, best known as co-creator of the legendary comedy troupe Monty Python, and eight-time Grammy Award-winning country western star Chris Stapleton.
Surging Cybercrime Buoys Security Industry Outlook
The mood was decidedly more upbeat than last year’s RSA conference, which had returned to in-person attendance but attracted only 26,000 visitors and seemed overshadowed by reports of layoffs and cutbacks among tech companies both in and adjacent to the cybersecurity field.
What a difference a year makes. Describing the 2023 event, RSA Conference Senior Vice President Linda Gray Martin gushed, “The enthusiasm and buzz felt in and around RSA Conference all week was palpable.” Judging from the press of the crowds and the fervor of exhibitors, the hyperbole seems justified.
Fueling the resurgence of attendance and interest in this quintessential security event was heightened awareness of increasingly sophisticated threats, including those posed by new forms of ransomware and malware, and the nascent challenges and opportunities presented by generative AI and open source.
As usual, RSA provided a convenient milestone for releasing new security products and services, as well as reports and insights focusing on the evolving threat landscape. Several reports published during the event highlighted vertical industries that are particularly at risk, including manufacturing, health care, and finance.
AT&T Business issued its 12th annual Cybersecurity Insights report at RSA, filled with findings from its survey of 1,400 security practitioners in North and South America, Europe, and Asia. Respondents were limited to organizations that have implemented “edge use cases” that involve the integration of newer technologies such as 5G, robotics, virtual reality, and/or IoT devices. Not surprisingly, they found these respondents to be under constant threat of attack.
However, with the notable exception of the U.S. SLED (state and local government and education) market, most of those surveyed were more concerned about distributed denial of service (DDoS) attacks and business email compromise (BEC) fraud incidents than they were about ransomware and other forms of malware, or advanced persistent attacks (APTs).
The results could indicate that security professionals in edge-intensive industries, many of which are considered part of their respective nations’ critical infrastructure, are frankly out of touch with the magnitude of threats they may be facing, including state-sponsored attacks.
As the report authors conclude, “The use of cyber as a geopolitical weapon has forced government regulators and security leaders to be aware of possible destructive nation-state cyberattacks. Yet building management in U.S. SLED, and fleet tracking in transportation, are the only use cases for which nation-state cyberattacks crack the top three in perceived likelihood.”
Another report released at the RSA event by cybersecurity vendor BlackBerry, its second quarterly Global Threat Intelligence Report, also showcased several specific industries that are drawing heavy fire from cybercriminals. These include health care, which encounters an average of 59 new malicious samples daily, including an increasing number of new Emotet variants, according to the report.
BlackBerry also found that attacks against government entities, manufacturing, and critical infrastructure reflected targeting by “sophisticated and sometimes state-sponsored threat actors, engaging in espionage and intellectual property campaigns.”
The company’s newly christened CylanceIntelligence cyberthreat intelligence (CTI) subscription service, also formally announced during RSA, reported that “crimeware and commodity malware are also often found in these critical industries.”
For a deeper dive into the BlackBerry findings, please watch the video interview with the company’s Vice President of Threat Research, Ismael Valenzuela, which I conducted during RSA. (Note: In addition to reporting for TechNewsWorld and other media outlets, I also serve as Blackberry’s editorial director.)
AI Gets VIP Treatment
Much of the discussion and subsequent coverage around RSA 2023 involved the uses of artificial intelligence (AI) as an increasingly potent tool in the hands of both attackers and defenders.
While AI has been around in various forms for decades, its most notable success has been at the box office, typically playing the role of a Hollywood villain. Ever since the murderous HAL 9000 debuted in Stanley Kubrick’s 1968 screen adaptation of Sir Arthur C. Clarke’s “2001: A Space Odyssey,” AI has been largely typecast in popular fiction as a homicidal bogeyman.
IBM’s Watson has worked hard to showcase more benign uses and behaviors of the technology, even to the extent of appearing as a contestant on “Jeopardy” in 2011. But AI’s most recent and rewarding commercial acceptance has come at the hands of pioneering cybersecurity vendors such as CrowdStrike and Cylance (acquired by BlackBerry in 2018).
Today, AI is practically a checklist item for endpoint protection solutions, rapidly displacing outdated signature-based malware detection. However, the past year’s commercialization of generative AI tools utilizing large language models (LLM), such as ChatGPT, has mainstreamed AI in a way Watson only dreamed of, effectively highlighting and fast-tracking the technology’s usability across numerous fields of endeavor.
As many have predicted, one of the first malicious uses of these widely available AI tools has been to improve phishing lures. Another report released at RSA, Zscaler’s 2023 ThreatLabz Phishing Report, confirms that AI tools such as ChatGPT can improve phishing hit rates, ultimately making it easier to steal credentials. But those use cases may represent only the low-hanging fruit of AI for threat actors.
The report states, “The emergence of new AI technology and large language models like ChatGPT have made it easier for cybercriminals to generate malicious code, Business Email Compromise (BEC) attacks, and (to) develop polymorphic malware that makes it harder for victims to identify phishing.”
As Forbes contributor Will Townsend points out in his RSA roundup article, discussions in and around the tradeshow highlighted that AI has quickly become “a double-edged sword that will require continued sharpening” as it is increasingly deployed by both attackers and defenders.