RSAC 2024 Reveals How Companies Are Using AI To Strengthen Cybersecurity

The RSA Conference 2024 focused on best practices, and groundbreaking innovations.

17:54 24 May 2024

The RSA Conference 2024 brought together tech experts, cybersecurity professionals, and 40,000+ fans for four days of expert perspectives, best practices, and groundbreaking innovations. Some of the keynote highlights included the power of working together, the most dangerous new attack technologies hackers are using, and a review of the first decade of corporate ransomware. 

The conference also covered problems and solutions for securing software supply chains, AI and ML challenges, how cybercriminals are using generative AI, and the NSA’s perspectives on the state of hacking. One theme that prevailed throughout the conference was the role of proactive AI in revolutionizing cybersecurity. Here’s an overview of RSAC 2024 key highlights on how AI is strengthening cybersecurity.

AI and ML in Cybersecurity Automation

Artificial intelligence and machine language have gained mainstream adoption over the past few years, especially after generative AI models like ChatGPT emerged. However, AI and ML are not new to cybersecurity. The industry has relied on advanced computations to automate routine tasks involving large volumes of data. Generative AI technologies have democratized access to AI, making it possible for anyone to evaluate their security posture. Modern companies are using AI to analyze threats and enhance risk management outcomes. AI can analyze large volumes of data to accelerate threat detection and response times. 

Technologies like machine learning can identify trends and patterns, flag suspicious activity, make human-like decisions, and provide insights to further improve cybersecurity. As noted by many CEOs at RSAC 2024, the goal is to move away from reactive to proactive implementations. AI is at the forefront of proactive cybersecurity and can help enhance the efficiency of human analysts in security operations centers. Companies like Proofpoint demonstrate how AI can be used to enhance threat detection and protect the email delivery chain across pre-delivery, post-delivery, and click-time. AI also enables security teams to streamline workflows, transform the user experience, and automate threat detection, alerts, and mitigation.

Securing Accounts and Data with AI

AI has proven integral in securing accounts and sensitive data throughout its lifecycle and is being leveraged by several industries for this purpose. For instance, real money gambling providers can use AI and ML biometrics to capture user patterns like page visits, games played, and casino bonuses claimed. Some players prefer deposit bonuses and free spins they can spend on slots, while others look for cashbacks or live casino deals. When someone else logs into the account, the AI models can analyze the interaction, flag suspicious activity, notify admins, block the hacker automatically, or prompt authorization. 

Using AI to secure sensitive data is best exhibited by Normalyze, a security company that uses AI to protect data across cloud and on-premise environments. According to Normalyze CEO Amer Deeba, AI helps them to understand where sensitive data is kept, those who have access to the data, and all associated risks. AI tools connect data from various environments, focusing on configurations, access, data sensitivity, and vulnerabilities to identify attack paths that lead to breaches. Leveraging AI capabilities enables autonomous tracking and securing of sensitive data from the moment they’re entered into LLM systems to their use in data environments.

Enhancing the Efficiency of Cybersecurity Solutions

In recent years, CISOs have had a strong interest in various solutions, including cloud security and cloud-native application protection platforms. Other solutions include endpoint security, container security, identity access management, risk management, extended detection and response, zero trust, and secure access service edge. Most CISOs at RSAC 2024 expect secure access service edge, also known as SASE, to resolve current and future cybersecurity threats. The mission is to consolidate networking and security as a way to address the complexity of the security stack instead of focusing on a specific hacking tool or threat group.

One of the key highlights CISOs and CIOs made at RSAC 2024 was the role of AI in fortifying cybersecurity solutions. According to cybersecurity experts, AI-enabled SASE platforms will enable companies to adapt to evolving landscape threats and business needs, resulting in optimal security posture. These AI solutions provide a single console optimized for enhanced performance, threat detection, and automated responses. One example of SASE solutions exhibited at RSAC was NetCloud SASE by Cradlepoint. The solution is optimized for Wireless WAN, 5G, SD-WAN, and zero trust, and uses NLP for query and troubleshooting assistance.

Peeking Into the Future of AI in Cybersecurity

AI is already intertwined with modern cybersecurity and will be integral in creating adaptive, secure data center infrastructure for the future. Many tech companies are responding to the challenge by launching various AI-enabled tools to enhance threat detection and mitigation. Google launched its Gemini 1.5 Pro integrated Threat Intelligence solution at RSAC 2024, enabling users to perform conversational searches across threat data centers. This launch will enable advanced threat analysis and global threat monitoring that leverages crowd-sourced and human intelligence.

Advancements in GPUs and DPUs such as those delivered by NVIDIA also facilitate the deployment of generative AI platforms and large language models. The future promises a massive shift from simple AI chatbots to robust systems designed to address infrastructure-level challenges. Hardware acceleration, natural language processing, machine learning, and generative AI all have a strong influence on cybersecurity and will shape its future. Currently, security organizations can leverage different AI tools to automate threat detection and risk management. In the future, these tools will likely be consolidated into sophisticated systems that offer comprehensive adaptive protection across the entire infrastructure.