I’ve attended RSA Conference for years. The event is always special, but this year was momentous because it was our first time exhibiting as Fortra. Our booth was aptly situated at the entrance of the vendor hall. Many attendees were amazed to see the breadth of cybersecurity solutions Fortra offers. A very frequent reaction was, “You mean you do all that?”
What I personally look forward to each year is taking the pulse of the cybersecurity industry in terms of innovation, new products, new ways of solving age-old problems, and how products are positioned to appeal to executive buyers.
These are the four most interesting trends I observed:
1. Quantum Computing
As a student of physics, it’s exciting to see that the quantum effects possible in labs are on their way to being more commercially available. That said, advances in quantum computing need to be continuously monitored in the years to come to assess the security impact. This will cause a paradigm shift in the way encryption is handled.
Today, there’s a heavy reliance on asymmetric keys (public key infrastructure or PKI) for encryption with an underlying assumption that the computing power needed to break the asymmetric PKI does not exist. Breaking this encryption takes an enormously long time now (RSA-2048 would take millions of years with a standard computer), but it will be possible in a few minutes with a quantum computer.
This would potentially signal the end of PKI, requiring a return to using symmetric keys. This change, according to the expert panel at RSA, may come in the next 10+ years. The risk would be first and foremost relevant at a national security level. The general guideline is to plan for this paradigm shift as it will not be an easy upgrade to the existing cryptography deployments.
2. Everything Is a “Platform”
Many users have criticized the nonintegrated point tools common in the cybersecurity industry. The response has been that everything is now messaged as a platform. Not only does this just sound better, but it also simplifies things for users provided the solutions are well designed. I saw all of these categories of platforms during RSA:
Cloud-Based Network Threat Detection and Response
Unified SASE Platform
Detection and Hunting Platform
Security Optimization Platform
Data Security Platform
Software Delivery Platform
API Security Platform
Security Posture Management Platform
Attack Surface Intelligence Platform
These are in addition to the often-discussed XDR and SIEM platforms.
The industry overall seems to be realizing a typical enterprise customer cannot deal easily with a lot of security tools. However, the same problem is going to extend to a platform approach as each has its own UI/UX, workflow, integrations, and outcomes.
As vendors, what we always need to think about is how we can simplify the solutions from a customer perspective. I spoke about this exact problem in my talk during the conference, “Is Increasing Security Maturity and Decreasing Operational Load Possible?”
3. Attack Surface Management
This industry loves acronyms, and what used to be the three classic problems of:
Vulnerabilities for assets, and suggestions for patching priorities based on environment
Secure configuration of assets and networks
are now broken into External Attack Surface Management (EASM), Attack Surface Management (ASM), etc. What is a welcome focus here is the emerging emphasis on supply chain security. As every tool and platform is driving integrations with open source or proprietary software APIs, it has become a necessity to understand how every third-party vendor being used in an environment is approaching cybersecurity.
An example here is the latest ChatGPT Data Leak due to a vulnerability in the open source Redis client library. The case of Log4j from a couple years back is well known and extensively talked about in this regard as well.
In terms of automated and red team testing, API security is a relevant focus. As we migrate to more cloud-native apps built on micro-services, securing the APIs used for all micro-services is critical. In fact, Fortra recently launched a Managed WAF (web application firewall) service that protects APIs.
The same acronym proliferation is happening for the cloud. We should start seeing a convergence of cloud security posture management (CSPM), cloud infrastructure entitlement management (CIEM), and cloud workload protection platform (CWPP) in the coming years.
4. AI/ML in Cybersecurity
Generative AI has produced nonstop discussion around ChatGPT and all the products that are derivatives of it or will be using it for cybersecurity. But there is another innovation worth pointing to. The winner of RSAC Innovation Sandbox, HiddenLayer, is already taking a step ahead in what will be an AI/ML-led arms race in detection.
Today, a number of solutions from networks to endpoints are relying on ML-based models for detecting the more evasive threats. These ML models may themselves be vulnerable to attacks, and HiddenLayer is taking steps to detect those. So, a new rivalry is about to be unleashed here in addition to the zero-days and onslaught of other vulnerabilities.
Now that RSA has wrapped up, I’m looking forward to seeing the trends at Black Hat USA this August. RSA had 600+ vendors and 40,000+ attendees. It was the largest gathering since the Covid slowdown despite the current economic outlook. This year’s theme at RSA was “Strong Together,” and I cannot agree more. There is no other way to win on this asymmetric cyber battlefront. At Fortra, we’re ready for the challenge.