Generative AI, RSAC

RSAC 2024: Session speakers explore practical applications of AI

RSAC 2024 column by Philip George

RSAC 2024 has been in full swing for the past few days and there’s definitely a sense of excitement to see how far AI has come in the past year.

Click for more special coverage

This year’s theme was “The Art of Possible,” and many of the sessions this year have showcased some of the best efforts in the industry to illustrate practical applications of AI – and what’s coming down the pike tomorrow. From large OEM’s like Microsoft to growing EDR/XDR companies like CrowdStrike, participants are getting a first-hand look into how GenAI will affect cyber operations, compliance, and threat hunting across all sectors.

In the past, the vendors would focus on how AI and all its components were helping to achieve outcomes for their specific product category or capability. However, this year’s conference has showcased broader applicability and deeper understanding of what’s actually possible for industry and the public sector alike. They are specifically showcasing what a responsible and scalable AI program should entail and how cybersecurity can transition from being a blocker to an enabler.

During his session on Tuesday, Rehan Jalil, chief executive officer of Securiti AI, said data combined with AI will drive the largest transformation across the enterprise. Jalil said the transformation will come through the growing access to data anywhere at any time, across any cloud environment.

This capability will unleash the full potential of big data and deep learning across all areas of the digital ecosystem. But Jalil said with this explosion of innovation and discovery comes the requirement to ensure that AI models have agency, security, and governance mechanisms for human operators to leverage. For organizations seeking to establish an AI program, Jalil said they should continue to follow these cybersecurity best practices:

  • Catalog AI models and agents. Know what the team has running and avoid shadow AI activities.
  • Assess all catalog models against known risks, regulations, and business use-cases to ensure close alignment for all three requirements.
  • Understand how the cataloged models are accessing and using data-sources within and outside of the hosting environment.
  • Adjust to the reality that unstructured data will become the focal point of GenAI innovation; it will require security, entitlement management, sanitization, and lineage tracking for effective governance.

Securiti AI’s Jalil also talked about “Context Memory” – the ability of AI to sustain a broader situational awareness of a system’s state over a period of time than that of its human counterparts. This significantly enhances cyber threat hunting activities and increases the chances of detecting adversaries that may be living-off-the-land or using tools that are indigenous to the targeted system/environment.  

At one of the other RSA sessions on Tuesday, Caleb Sima, chair for the AI Safety Initiative with the Cloud Security Alliance, said the enhanced ability to apply contextual insight from various real-time telemetry sources for human threat and risk managers will expedite decision-making for everything from authorization-to-operate processes to active threat management and incident response.

Coverage gaps will potentially become more readily identified through natural language interactions and queries of existing data sources. This promises to drive better communication by reducing noise generated from inefficient human queries to more targeted natural language queries that are now outcome focused.

This emergence of human cyber defenders who are now enhanced with AI assistants such as Microsoft’s Co-Pilot or CrowdStrike’s Charlotte represents "The Art of Possible" today. Based on what I've seen this year at RSAC, security pros can expect even greater integration and automation on the horizon tomorrow.

Philip George, executive technical strategist, Merlin Cyber

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.