Key insights from the RSA Conference

The RSA Conference, a gathering of cybersecurity professionals, recently returned to San Francisco after a 28-month hiatus due to the COVID-19 crisis. The event served as a platform for discussions on the evolving cybersecurity landscape and the challenges facing organisations in the digital age.

One of the key issues that emerged was the increasing use of zero-day attacks by ransomware attackers. These attacks exploit vulnerabilities before developers can patch them, making them particularly dangerous and difficult to defend against.

Chris Inglis, the National Cyber Director, emphasised the need for a collective front in cyber defense. He noted that cybercriminals are often better organised and responsive, requiring a network to beat a network. Inglis also referred to ransomware as a syndicate operating against us.

The conference also highlighted the shortcomings of artificial intelligence (AI) in cyber defense. While AI is seen as a potential solution to scale defenses at the required rate, its use cases are currently limited and it needs to operate across domains in real time to fulfil its promise. AI is particularly effective at detection and split-second decisions, such as determining whether an email or file might be malicious.

However, the cybersecurity industry has responded to the growing threat of cybercrime with an alphabet soup of acronyms, including EDR, IAM, MDR, MFA, NGFW, SASE, SIEM, SSE, XDR, and ZTNA. The world has become too complex, and these solutions need to be simplified.

Charles Henderson, head of IBM Security's X-Force unit, noted that attackers have shifted from poorly organised attacks to campaigns targeting specific leverage points and human responses. The pace and scale of attacks require the cybersecurity industry to move from defense at human speed to defending at machine speed.

The conference also underscored the real-world repercussions of cyberattacks. Cybersecurity needs to move beyond information security strategies and become part of the overall business strategy. Henderson stated that cybersecurity is no longer just about protecting data, it's about protecting the business.

The conference also highlighted the staggering scale of cybercrime. Cybercrime is expected to reach $10.5 trillion by 2025, making it the third-largest economy in the world behind the U.S. and China.

Inglis spoke as the National Cyber Director at the RSA Conference in San Francisco in June 2022, emphasising the importance of national cybersecurity strategies and highlighting key issues of cyber resilience and defense collaboration. Federal authorities share specific and timely information when available, but warnings are often general due to lack of additional information.

Some ransomware groups are aggressively initiating attacks, leaving organisations with little time to respond (typically 24 hours or less). Organisations are facing a consistently exponential rise in cyberattacks, threats, and ransomware demands, and are typically given 24 hours (if they're lucky) to respond.

In conclusion, the RSA Conference underscored the urgent need for a united front in cyber defense, the importance of simplifying cybersecurity solutions, and the need for cybersecurity to be integrated into overall business strategies. The growing threat of cybercrime and the increasing use of zero-day attacks demand a proactive and collaborative approach to cybersecurity.