The RSA Conference 2023 held in San Francisco brought together cybersecurity experts from around the world, who shared insights, opinions, and best practices on the various issues related to current and emerging cybersecurity threats. Several News Desk conversations with Dark Reading covered a broad array of topics ranging from emerging security technologies, critical infrastructure attacks, identity management, virtual networking, and generative AI. The interviews also touched on automation, vulnerability management, and other issues.
The Rise of Critical Infrastructure Attacks: Xage Security’s Identity-First Approach
Duncan Greatwood, the CEO of Xage Security, discussed how the vulnerability of information and operational technologies has led to the rapid rise of critical infrastructure attacks. He traced this back to the Colonial Pipeline attack in 2021, which disrupted gasoline supplies to the East Coast of the United States. Greatwood advocated for an “identity-first” approach to secure critical infrastructure, where each device is given a unique cryptographically signed identity that establishes trust and enables secure communication.
Industrial Security Evolution: The Role of Information Technology Policies in Operational Technology
Terence Liu and Jeff DePasse of TXOne Networks discussed the profile of critical infrastructure in the National Cybersecurity Strategy and whether information technology policies could work for operational technology. They emphasized the importance of integrating both IT and OT security policies to achieve a holistic security approach.
Reducing Dwell Time Amid Increasing Ransomware Attacks
Charles Carmakal of Mandiant Consulting delved into the findings of the annual M-Trends report and noted that the dwell time for attackers has decreased to 16 days, while ransomware and extortion attacks increase. He advocated for a proactive security model that detects and isolates threats before they cause damage.
Advancements in Authentication Technology: The Importance of Zero-Trust Authentication
Patrick McBride of Beyond Identity highlighted the challenges and shortcomings of existing authentication technologies and emphasized the importance of Zero-Trust authentication to improve accuracy and effectiveness. He noted that Zero-Trust authentication is not a one-size-fits-all approach and can be customized based on organizational needs.
The Challenges of Security Automation and Endpoint Management
Dave Frampton of Sumo Logic Security discussed the challenges organizations face with security management and the limitations of automation to fulfill these needs. He also highlighted the importance of endpoint management and the need to reduce the number of tools used to manage endpoints while enhancing their intelligence.
The Future of Cloud Security: Breaking Up Silos With CNAPP
Yinon Costica of Wiz talked about how the combined functionality of cloud-native application protection platforms (CNAPP) streamlines operations for security professionals and breaks down the silos between developers and security teams.
Insights for Protecting Against Active Adversaries
John Shier of Sophos outlined the company’s new active adversary reports and described how attacker behavior is changing due to a shift towards more sophisticated attacks. He also discussed the driving forces behind these changes.
Combining Networking and Security: Doubling Down on DNS Threats
Brad Rinklin and Renée Burton of Infoblox discussed the company’s recent rebranding that unites networking and security, delivering improved performance and protection. They also highlighted how DNS threats are increasing and the need for organizations to address these threats.
The experts at the RSA Conference 2023 agreed that cybersecurity threats are constantly evolving, and organizations need to stay vigilant and proactive to defend against cyberattacks. Advanced authentication technologies, holistic security policies, automation, endpoint management, cloud security, and the integration of networking and security are a few strategies that organizations could adopt to combat these threats.
<< photo by cottonbro studio >>
