Trends

Reflections from RSAC 2024

Table of Contents

RSAC 2024 has come and gone with its usual bluster and bravado. The expo floor was hotter and louder than in previous years, and the talks and keynotes painted a rosier AI-powered future. While some smaller trends change, core issues at the heart of cybersecurity remain the same.

AI-Powered Everything

As expected, AI was the big topic at RSAC this year. Vendors and speakers alike were eager to show their optimism for AI in cybersecurity. At his keynote address, Cisco’s Jeetu Patel went as far as to say that, for the first time in history, we are to enter a period without any scarcity, thanks to AI.

The floor was full of copy that included terms like AI-powered, AI-enabled, and AI-native. The trouble is that for many consumers, this doesn’t mean much. AI in its current state is simply advanced mathematics and heuristics. The more important question is how these AI algorithms are actually making cybersecurity operators’ work easier. Otherwise, we are just squeezing AI and hallucinating LMM technology into products for their own sake.

It was a reality check when it comes to AI. I was expecting vendors to use it in a more transformational way. With the exception of a very few vendors, it was all marketing spinning “find, copy, and replace.”

Platformization: A Cautious Approach

Last year, RSAC’s theme was “Stronger Together.” However, this vision of solidarity is at risk. Only a year later, we see vendors shifting their priorities into a different, more individualistic direction.

Platformization has become a major trend, with vendors consolidating products and offerings into a one-stop shop with all services packaged into a single platform. While a platform approach can be beneficial, it should not mean relying on a single vendor. In a mono-vendor platform, customers often lose out, forced to accept the good with the bad and, in some cases, services that aren’t compatible with their unique networks.

The platform should be open and interoperable. If the platform trend jeopardizes the “stronger together” ethos, I prefer the latter. Small and medium-sized businesses, in particular, are at risk of being priced out of the best technology cybersecurity has to offer.

The Changing Position of the SIEM

There’s absolutely no doubt that SIEM (Security Information and Event Management) has failed at stopping breaches, as George Kurtz from CrowdStrike pointed out. The traditional SIEM approach has been frozen in time, unable to keep pace with the evolving threat landscape. Even Gary Steele from Splunk acknowledged this, stating, “You can’t secure what you can’t see,” emphasizing the critical need for visibility. The limitations of SIEM tools highlight the importance of adopting new, more dynamic solutions that provide real-time insights and actionable intelligence. At RSAC 2024, it became clear that the industry must move beyond the conventional SIEM model and embrace innovative technologies to enhance security operations and effectively combat cyber threats.

The failure of SIEM to deliver adequate visibility is driving the industry towards risk-based approaches. If you have visibility into your network, you know if there is an adversary. Boards might understand and accept risk, but the market seems overly accepting of it. This shift towards risk-based strategies underscores the need for continuous monitoring and assessment to manage and mitigate threats proactively. As vendors and organizations prioritize visibility and real-time intelligence, the focus is shifting from static, reactive measures to dynamic, proactive cybersecurity practices that address risks head-on.

Keynote Highlights Video

Missed the keynotes? Watch this 3-minute recap video to catch up on the major highlights and insights shared by leading experts at RSAC 2024.

Celebrating Diversity in Cybersecurity

As a Black Latino, it was fantastic to see the vibrant and growing Latin community around the streets of San Francisco. During the expo hours at the Moscone Center, the mix of accents from Mexico to Argentina and the sonorous Portuguese created a lively and diverse atmosphere. This cultural richness extended beyond the conference floor, spilling into the city’s restaurants, bars, and coffee shops. With Lumu Technologies, we’re excited to put Latin America on the map as an incubator of top cybersecurity companies, showcasing the innovation and talent that our region has to offer.

Conclusion

A quick glance at the size and scope of the RSAC floor shows that the cybersecurity industry is still faced with a massive problem. At its core, the problem is that adversaries continue to bypass cyber defenses and persist in networks without being detected for long periods of time. We believe that this problem results in a clear conclusion: cybersecurity needs to be operated. Our mission, therefore, is to help cybersecurity analysts operate cybersecurity in a way that is efficient.

I’m more excited than ever about our journey to transform cybersecurity operations for companies of all sizes and verticals.

Recent Posts

  • Trends

CISA Reveals How 12 Ransomware Gangs are Bypassing EDRs

Reading Time: 7 minsEndpoint Detection and Response (EDR) has a critical role in most companies’…

3 weeks ago
  • Trends

Does Infostealer Malware Have US Organizations Under Siege?

Reading Time: 5 minsLumu’s Compromise Report for 2024 uncovers surprising information about how infostealer malware…

4 weeks ago
  • Trends

Lumu Compromise Report 2024: 2 Essential Tips for MSPs to Protect Clients

Reading Time: 4 minsFor MSPs to proactively protect their clients they need good intelligence, such…

1 month ago
  • Technical

The Hidden Pitfalls of Deep Packet Inspection

Reading Time: 6 minsExplore DPI's limitations in network security and discover how Lumu’s cloud-native, metadata-driven…

1 month ago
  • Trends

3 Cybersecurity Trends From the Lumu Compromise Report 2024

Reading Time: 3 minsLumu’s new Compromise Report 2024 reveals the greatest current cybersecurity trends and…

2 months ago
  • Technical

Lumu’s Journey to Log Retention: Reducing Costs and Enabling Compliance

Reading Time: 6 minsDiscover how Lumu's Playback feature improves visibility and efficiency while addressing the…

2 months ago