Like a persistent piece of malware that your antivirus product can’t wipe out, the annual RSA Cyber ​​Security Conference was back with a vengeance this year. But while the malware example is inherently malicious, the industry event seemed to stir goodwill and a positive message for the cybersecurity industry, starting with its theme for the year: “Stronger Together.”

Similar to many face-to-face industry events, RSA languished during the height of the pandemic, turning to an online-only presence as the Covid outbreak spread. But from April 24 to 27, San Francisco’s Moscone convention complex reignited again as the center of the cyber security universe. The sponsoring organization reported that this year’s conclave — its 32nd annual event — attracted “more than 40,000 attendees, including 650+ speakers, 500+ exhibitors and 500+ members of the media.”

This year’s event featured a host of distinguished speakers, including current and former elected and appointed officials from numerous foreign and domestic government agencies, as well as highly respected academics and researchers, and representatives from dozens of commercial and non-profit security organizations.

There were also some celebrity guests on hand, including comedian and actor Eric Idle, best known as co-creator of the famed comedy troupe Monty Python, and eight-time Grammy Award-winning country western star Chris Stapleton.

Rising Cybercrime Affects Security Industry Outlook

The mood was decidedly more upbeat than last year’s RSA conference, which scaled back to in-person attendance but drew just 26,000 visitors and saw layoffs among tech companies both in and around the cybersecurity field. And was impressed with the cut report.

What a difference a year makes. Describing the 2023 event, RSA Conference Senior Vice President Linda Gray Martin said, “The excitement and enthusiasm was felt in and around the RSA Conference throughout the week.” Given the enthusiasm of the crowded press and exhibitors, the exaggeration seems justified.

Driving the resurgence of attendance and interest in this quintessential security event was increased awareness of increasingly sophisticated threats, including new forms of ransomware and malware, and the nascent challenges and opportunities presented by generative AI and open source.

As always, RSA provided a convenient milestone for the release of new security products and services, as well as reports and insights focusing on the evolving threat landscape. Several reports published during the event highlighted vertical industries that are particularly at risk, including manufacturing, healthcare and finance.

AT&T Business released its 12th annual Cyber ​​Security Insights Report on RSA, filled with findings from its survey of 1,400 security practitioners in North and South America, Europe and Asia. Respondents were limited to organizations that have implemented “edge use cases” that include the integration of new technologies such as 5G, robotics, virtual reality and/or IoT devices. Not surprisingly, they found these respondents to be under constant threat of attack.

However, with the notable exception of the US SLED (state and local government and education) market, most of those surveyed were more concerned about incidents of distributed denial of service (DDoS) attacks and business email compromise (BEC) fraud rather than ransomware. . and other types of malware, or advanced persistent attacks (APTs).

The results may indicate that security professionals in edge-intensive industries, many of which are considered part of the critical infrastructure of their respective nations, are clearly out of touch with the magnitude of the threats they pose, including state-sponsored attacks. they are facing.

As the report’s authors conclude, “The use of cyber as a geopolitical weapon has forced government regulators and security leaders to become increasingly aware of the potentially devastating nation-state cyberattack. Yet the U.S. Construction management in SLED, and fleet tracking in transportation, are just the use cases for which nation-state cyberattacks crack the top three in perceived likelihood.

Another report released at the RSA event by cybersecurity vendor BlackBerry, its second quarter Global Threat Intelligence report, also showcased a number of specific industries that are drawing heavy fire from cybercriminals. These include healthcare, which encounters an average of 59 new malicious samples per day, including a growing number of new Emotet variants, according to the report.

BlackBerry also found that attacks against government entities, manufacturing and critical infrastructure were targeted by “sophisticated and sometimes state-sponsored threat actors, engaging in espionage and intellectual property operations”.

The company’s newly named CylanceIntelligence cyberthreat intelligence (CTI) subscription service, formally announced during RSA, reported that “crimeware and commodity malware are also frequently found in these critical industries.”

For a more in-depth look at BlackBerry’s findings, please watch the video interview with Ismael Valenzuela, the company’s Vice President of Threat Research, that I conducted during RSA. (Note: In addition to reporting for TechNewsWorld and other media outlets, I also serve as editorial director for BlackBerry.)

AI gets VIP treatment

Much of the discussion and subsequent coverage surrounding RSA 2023 involved the use of artificial intelligence (AI) as an increasingly powerful tool in the hands of both attackers and defenders.

While AI has been around in various forms for decades, its most notable success has been at the box office, usually playing Hollywood villains. Ever since the murderous HAL 9000 debuted in Stanley Kubrick’s 1968 screen adaptation of Sir Arthur C. Clarke’s “2001: A Space Odyssey”, AI has been largely typecast as a homicidal bogeyman in popular fiction. Is.

IBM’s Watson has worked hard to demonstrate more benign uses and behaviors of the technology, even to the extent of appearing as a contestant on “Jeopardy” in 2011. But the most recent and rewarding commercial acceptance of AI has come at the hands of leading cyber security vendors. CrowdStrike and Silence (acquired by BlackBerry in 2018).

Today, AI is practically a checklist item for endpoint security solutions, rapidly displacing older signature-based malware detection. However, the commercialization of generative AI tools using large language models (LLMs) such as ChatGPT in the past year has brought AI into the mainstream in ways Watson only dreamed of, impacting the technology’s usefulness across many fields of endeavor. Precisely exposed and fast tracked.

As predicted by many, one of the first malicious uses of these widely available AI tools has been to improvise phishing lures. Another report released in RSA, Zscaler’s 2023 ThreatLabz Phishing Report, confirms that AI tools like ChatGPT can improve phishing hit rates, ultimately making it easier to steal credentials. But those use cases may represent only the low-hanging fruit of AI for threat actors.

The report states, “New AI techniques and the emergence of large language models such as ChatGPT have made it easier for cybercriminals to generate malicious code, conduct Business Email Compromise (BEC) attacks, and develop polymorphic malware, making it easier for victims to Identify phishing.

As Forbes contributor Will Townsend pointed out in his RSA roundup article, discussions in and around tradeshows highlighted that AI has quickly become “a double-edged sword that will need constant sharpening” because it Rapidly deployed by both attackers and defenders.