Quick RSAC 2023 Recap: We’re Back (and Stronger Together)
We’re back (and stronger together)! After a fully virtual RSA Conference in 2021 and an RSAC delayed by Omicron in 2022, it seems that the conference was finally back in full swing at San Francisco’s Moscone Center this past April 24th-27th. With over 40,000 attendees, 650 speakers, and 500 exhibitors in attendance, RSAC 2023’s attendance almost doubled compared to last year.
“The enthusiasm and buzz felt in and around RSA Conference all week was palpable as we welcomed our community to San Francisco. Gathering the world’s most efficient and innovative cybersecurity problem solvers to tackle current and future threats remains critical.” -Linda Gray Martin, Senior Vice President, RSA Conference
While, in true security conference form, there were a couple of flashy bits and star-studded appearances (like Fred Armisen opening up the conference with a rendition of “All You Need Is Love” by the Beatles for some reason?), the heart of the conference remained great conversations with community leaders discussing the future of security.
Keynotes: New attacks and the future of risk
Highlights from the talks included “The Five Most Dangerous New Attacks” session by the SANS Institute—the new attacks being SEO attacks, malvertising, attacks against developers, ChatGPT in malware (ransomware) development, and generative AI in phishing/social engineering—and stand out “Your Third-Party Risk Management Program is Bad and You Should Feel Bad” session by Brian Markham and Chris Castaldo. In their session, Markham (CISO, EAB Global) and Castaldo (CISO, Crossbeam) spoke on the future of third-party risk, highlighting transparency and trust over conventional measures like security questionnaires.
“Security leaders understand the importance of third-party risk. We have created questionnaires and invested in tools to support the process. Even with these investments, orgs find themselves on a hamster wheel; pouring resources into a process that doesn’t make anything more secure. We're here to challenge old ways of thinking and to inspire new approaches to third-party risk management.” -Brian Markham and Chris Castaldo on their Risk Management & Governance Track Session
Okay fine, we’ll mention AI
While identity, threat detection and response, operational difficulties, and supply chain issues remain top of mind, to repeat what you’ve probably been hearing nonstop: AI is the hot new topic. However, there’s less consensus around AI than one would think. While it’s clear to everyone that AI will change everything, no one is sure what those changes will look like or how to decisively answer the big questions—like if AI should continue to be a “co-pilot” for human decision-making or move into the decision seat itself.
One of the most frequent questions we at Crosswire were asked was “Okay, but what does AI actually do for you?” (to which we answered by talking about our AI-powered ITDR to monitor for permission anomalies, configuration drifts, account takeovers, cookie theft, and other emerging threats—more on that soon!). Everyone is looking to each other for guidance on what’s just hype and what’s real as well as how to usefully apply AI in the security space (stay up to date with Crosswire as we navigate these questions ourselves here).
Security is still about people: Stronger Together
On the note of camaraderie and helping each other out, an account of RSAC wouldn’t be complete without talking about its theme: “Stronger Together.” Every person we talked to was pleasantly surprised by their industry’s willingness to chat with and help out everyone, including their competitors, and by the general spirit of togetherness that permeated the entire conference. At the end of the day, security is about people solving people’s problems.
Even just with us at Crosswire, we had a range of… interesting “people” experiences, from being roped into a long conversation about half-baked chicken to seeing Sugar Ray performing at an offsite event (note: asking people who work in security to “make some noise” goes about as well as you’d think). We even had another vendor help us retrieve our swag (shown below) trapped by a faulty lock, an act of kindness and solidarity that’s hard to encounter when we’re isolated but so abundant when our community’s together.
From running into old friends to meeting new people at after-hours events, we’re reminded that people are at the heart of security, and, despite the admitted cheesiness of the sentiment, we really are stronger together for it.
“We are a community of many. No one goes it alone; we build on each other’s diverse knowledge to create the next breakthrough — exchanging ideas, sharing our success stories, and bravely examining our failures. With a world of evolving threats to stop and solve, only by working as a team and continually adding new perspectives will we be able to affect the kind of progress that can shape policy, establish new best practices, and ensure our defenses become more diverse, more resolute, and far more effective. When collaboration is our foundation, the future is bright. RSA Conference 2023. Stronger Together.” -RSA Conference on this year’s theme
To stay up to date with Crosswire on all things infosec — events, webinars, blog posts, and more — sign up to receive our updates below!
More from our blog
CISOs Chris Castaldo and Tanner Randolph share insights on security maturity and identity in the enterprise.
Whether this is your 1st or 21st time at Black Hat, these tips can help you weather a jam-packed and intense week.
False positives are a huge problem in security: see what Crosswire is doing to prevent them and mitigate their effects.
We've made the modern identity stack entirely too convoluted and broken, but not for the reasons you think.
How are you protecting your accounts before an incident can occur (or slowing an incident down before it really ramps up)?
This is Solution 2: Remediate of a two-part series on how to detect and remediate evolving identity threats.
This is Solution 1: Detect of a two-part series on how to detect and remediate evolving identity threats.
Explore the historical use, modern approaches, and future applications of AI in detection and response (D&R).
If you’re looking for the right time to join a high-risk, high-reward venture, we’d argue that there’s never been a better opportunity.
IT security audits can be a pain for everyone involved: check out our solutions to make this auditing season just a little bit easier.
RBAC lacks sophistication and flexibility, failing to address the access needs of the modern company.
Who owns identity at your org? Identity is (and should be treated as) a co-owned problem between security and IT.
Yep, you heard that right; we at Crosswire believe that your Okta groups should be as empty as possible.
Crosswire, and its co-founders Johnny and Nick, are building the future of enterprise identity in new and exciting ways.
The theme for 2023’s RSA Conference™ is “Stronger Together.” When info security is more important than ever, so is collaboration.
It’s no secret that your IT organization is crucial to your company. But are they getting all of the resources they need?
Why cybersecurity is more crucial than ever and what you can do to make your organization more secure, no matter your role.
Five significant ways to improve your workflows with automation and get more results than your resources permit.
Crosswire’s technical usability guide to Okta Lifecycle Management (LCM), from onboarding to offboarding.
Subscribe to our blog
Get Crosswire's security insights delivered straight to your inbox. No frills, no spams, unsubscribe anytime!