Security Program Controls/Technologies, RSAC

The AI message at RSAC was long on hype and short on specifics

RSAC update

I spent almost all of last week’s 2023 RSA Conference (RSAC) on the show floor as a technical asset, which has been my usual role for many years.

It was very clear that the pandemic was still affecting overall attendance in show attendees and in how vendors approach the show. As usual, there were a range of vendors from mature incumbent companies that have been fixtures for many years to small startups that were making their first appearance at RSAC. Even with the recent financial uncertainty, the attitude in general remains positive. While there have been a lot of layoffs in the tech sector overall, cybersecurity remains a priority for many organizations and the lack of qualified technical talent remains an issue. 

One of the major topics of discussion at the show was artificial intelligence. There were several technical sessions that delved into the promise and challenges of AI technology, while there were a lot of conversations on the show floor about the subject as well. It’s a hot topic and it doesn’t seem like the hype will quiet down any time soon. 

AI and machine learning have been factors in security products for many years, with various levels of emphasis versus actual effectiveness, but the “ChatGPT conversation” – being the interface that’s caught the public’s imagination – has taken center stage. It’s a different conversation than in previous years where it felt like “AI” or “machine learning” were just buzzwords that were added more for marketing purposes than as a functional part of the product. ML was a functional part of a lot of products, but it wasn’t as powerful as it was often promised. 

Now, numerous vendors mentioned that they were exploring how they could incorporate generative AI into their products, or how it was already on the roadmap. Though, at this point, I found that very few vendors had anything specific to show. The consensus was that generative AI can offer multiple benefits in the cybersecurity world, but we’re still having to figure out exactly where and how it will fit into our security stacks. 

 In talking to people from a range of specialties, industries, and technical capacities, there was some frustration with trying to pick the valid benefits and threats out of the media hype cycle. To paraphrase, the most common take I heard was that it could give some real advantages in triage as a kind of Intelligent SOC Assistant, and for helping with education and dealing with common security issues that the average users face.  

There’s also a place for AI in dealing with the data overload a lot of security teams face. As machine learning and related fields improve, they get better at drawing connections out of disparate data. The generative AI aspects can help draw insights out of that parsed and filtered information. We’re seeing this already in some areas, and it’ll continue to grow. 

Some, myself included, have expressed worry about this latest generation of AI being used for social engineering, but there was much less concern about threat actors using it to develop malware. Overall, the impression was that those of us in cybersecurity had more to gain from this than the threat actors we are trying to stop will. Also, the hype about it being used to create unstoppable malware was highly exaggerated. There’s no doubt that AI will continue to make waves, and I expect we’ll see a lot more of it over the rest of the year. 

Overall, the mood was positive, with a general feeling that even with the downturn, there was still a positive need for investment in cyber. Though that’s tempered with organizations needing to use their sometimes-limited resources to the best effect. On some level that “best effect” idea was apparent in the show booths. While the show was well attended, the displays were subtly toned down from years past. 

A personal highlight was the National Security Agency (NSA) booth. The NSA has been bringing one of their vintage Enigma machines to RSA for years, and this year they brought two of the three-rotor machines with matching rotors. Having two machines with the same rotors let people use them to send encrypted messages, a rare treat for anyone interested in cryptography. 

Mike Parkin, senior technical engineer, Vulcan Cyber 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.