The RSA conference has earned its reputation as the place ‘where the world talks security.’ Although Defcon and Black Hat might have the ‘hacker’ edge, it is in RSA that you will see where the innovations made on the fringes become part of everyday life.
As one of the world’s foremost cybersecurity companies, Utimaco has had a presence at RSA since its inception. Our attendance isn’t entirely commercially focused though: the conference is the ideal place to take the industry’s temperature, seeing what is and what will be a major focus.
I’ve outlined what I see as the stand-out topics and industry trends, based on the presentations and the general talk around the conference.
AI continues to dominate the conversation
To nobody’s surprise, artificial intelligence (AI) continues to be the major topic that seemingly everyone has an opinion on.
The cybersecurity industry has been using AI in various ways for quite some time now, long before the current craze for AI born from the emergence of Large Language Models. This paradigm doesn’t have game-changing utility when it comes to security: being able to create realistic-looking (but often flawed) text and images isn’t something that companies often need outside of customer-service and marketing applications.
The advantage of the current AI craze has been to focus the industry on existing and upcoming applications of AI in more mundane roles – machine learning to identify the signs of bad actors for instance. The AI-enabled solutions at RSC were all extremely varied, showing that this won’t be a buzzword but is and will stay as a major part of modern cybersecurity.
PQC hits the mainstream
Although it is rarely in the popular press, the industry is heavily invested in post quantum cryptography (PQC). Even though nobody knows when quantum threats will become real, the industry is gearing up to have as much infrastructure and data as possible secure long before this happens.
Of particular interest was the work that is being done by major vehicle manufacturers, like GM, to secure vehicles. The average car can be on the road for 11 years, some even longer, and it is possible that vehicles on the road today might be exposed to quantum threats in the future. We have already seen how damaging cybersecurity breaches in vehicles can be, so this seems like a sensible preventative measure.
Securing the Supply Chain
Combining elements of AI, PQC and other forms of security, we saw a strong emphasis on supply chain security.
Any security setup is only as strong as its weakest link, and when a system can have software and hardware from dozens of sources that weakest link could be anywhere. There have been numerous ways proposed to allow organizations to audit their supply chain, including cloud blockchain-based systems. As supply chains become more complicated their security becomes exponentially more difficult, especially when PQC and hybrid-cloud systems have to be taken into account, so this is a conversation that we are very excited to see happen.
Hardware solutions
Although there was no shortage of cloud-based security systems on show, we were pleased to see that hardware is still a major part of cybersecurity. There was a huge amount of physical technology on show, demonstrating that hardware security modules (HSMs) are capable of solving some of the most complex problems – something that we’ve been saying throughout our 40-plus years of operation.
Overall, this year’s RSA showed a cybersecurity industry that is on the precipice of major changes, particularly when it comes to quantum security and the full integration of AI into everyday life. We also see the serious vulnerabilities in supply chains are being attended to – this may not gain as many headlines as AI, but it is arguably the most important challenge in cybersecurity today.
All in all, the conference shows an industry that is looking forward while taking on the biggest problems that exist today.
