RSAC 2024: 3 Insights You May Have Overlooked

Cybersecurity leaders converged at RSA Conference (RSAC) 2024 to explore "The Art of Possible,” a theme meant to both inspire hope and perhaps offer a cautionary reminder of the expanding capabilities of our adversaries. While mulling over what’s possible naturally steers our imaginations toward tomorrow, the cybersecurity professionals I spoke with are more interested in the threats their organizations face today and how best they can defend against them. Call it: "The art of what’s possible now."

With so much to see, it’s easy to overlook some important trends and discoveries. These three are worth checking out.

1. Using intelligence insights to combat ransomware

If you missed our session at RSAC, The 2024 Ransomware Threat Landscape: What’s Fueling the Epidemic?, you missed plenty. Attendees learned a lot about this escalating scourge, including how:

• Vectors of infection are now pivoting from email spam loaders to exploiting Internet-facing servers and device vulnerabilities.
• Most of the more popular ransomware tools are increasingly dual-use or living off the land (LOTL) tools, turning legitimate software against its owners and making identification and prevention more difficult.
• It’s possible (there’s that word again) to block malicious activity while still allowing legitimate functions–but only with the right solutions.

Among those solutions: Symantec Adaptive Protection, which delivers actionable intelligence into attacker tactics, techniques, and procedures (TTPs) to help incident responders identify which LOTL tools attackers are using—and then shut down those routes early in the attack chain. Carbon Black App Control also protects against LOTL attacks through behavioral analysis and granular control over what applications can do.

2. Things that make you go ‘hmmm’: AI as a threat–and a solution

If you didn’t see artificial intelligence (AI) everywhere at RSAC, then get thee to an optometrist. With a record-breaking 90+ related sessions and AI-related announcements everywhere, AI was impossible to miss. But what can you take away from all the buzz?

Like RSAC 2024’s Janusian theme, AI is two-faced—simultaneously a threat and a solution. Some speakers discussed AI's darker side, including AI-driven hacks, deepfakes, weaponry, breaches, phishing, and malware. Yet RSA noted a general absence of FUD (fear, uncertainty, and doubt) among the majority of the talks. Instead, attendees learned how machine learning (ML) and AI are being marshaled to fortify cyber resilience, enhance workforce development, turbocharge threat mitigation, and improve the user experience.

For instance, the SymantecAI chatbot speeds up support for Symantec solutions, delivering immediate assistance with accurate and reliable information so admins can focus on keeping systems secure and running smoothly. Meanwhile, Carbon Black App Control, a leading application control solution that enables you to establish a “default deny” posture for software, is the product of pioneering efforts in using trust mechanisms and a behavior-based approach instead of the standard signature-based approach based on lists that need to be constantly refreshed. This development broke new ground in enabling proactive security, which leads us to takeaway No. 3.

3. Proactive security: No time for waiting

Forrester Research predicted that proactive security would be a major focus area for RSAC vendors, but not everyone had solutions to show for it. That’s a problem for organizations that need defenses they can deploy now. Per Forrester, effective proactive security solutions that deliver visibility, prioritization, and remediation. We agree, and here’s how Broadcom’s Enterprise Security Group delivers:

Visibility

Taking a proactive approach requires full visibility into endpoints so you can proactively close security gaps and identify indicators of attack (IOA) and indicators of compromise (IOC). We’ve also found that customers need unparalleled insight into endpoint events in their environments, while ensuring you leave no blind spots for attackers to target by allowing only trusted assets to enter your environment.

Prioritization

With increased visibility into your environment, you’ll need to prioritize the threats that matter most. Our solutions alert teams to actual malicious threats, and critically dampens the noise of non-actionable data so security teams have more time for, well, everything.  

Remediation

Solutions that streamline remediation and prevent similar attacks are key to any proactive security environment. We deliver the ability to find the root cause of incidents and then verify that all impacted assets are identified during an investigation. And for a truly proactive stance on remediation, solutions like Carbon Black App Control’s help you establish a default deny posture that not only significantly reduces your risk–it reduces the need to remediate at all. 

Implement what’s possible now

Though the dust is settling after RSAC 2024, I expect things are as busy as ever for you. You’ve returned with fresh insights and actionable steps for rebooting your security and shifting to a proactive stance. And as you speak with vendors about what’s possible at your organization, ensure that they offer:

• Supports the three principles of proactive security: visibility, prioritization, remediation
• Protects against ransomware
• Leverages AI or defends against AI-powered attacks
• Integrates with your current security stack

Explore your possibilities today by scheduling a personalized call with one of our product experts.