Generative Artificial Intelligence, threat detection and response, simpler cybersecurity solutions, attack vectors, and identity and access management were among the key cybersecurity industry trends grabbing attention at the RSA Conference in San Francisco. Read on to learn the main takeaways from our analysts who attended the recent event.
You can also reach out to us to learn more.
The annual RSA Conference (RSAC) lived up to the expectations of being one of the industry’s largest cybersecurity events, with 40,000-plus attendees packing the Moscone Center over four active days. The energizing atmosphere showed the cybersecurity community’s eagerness to meet and socialize again post-pandemic.
Here are the main cybersecurity industry trends we saw at RSAC 2023.
Generative Artificial Intelligence (GAI)
Generative AI stole the show with widespread discussion on the technology in every corner of the trade show floor that continued at social gatherings. Among the many new products launched at the event was Google Cloud’s Security AI Workbench, based on its propriety security large language model (LLM) Sec-PaLM that includes data sets from Chronicle VirusTotal and Mandiant threat intelligence.
In the past few years, advanced AI and Machine Learning (ML)-based technologies and use cases have swept the cyber industry. But we have never seen such a level of hype as garnered by Microsoft’s announcement of Security Copilot, based on OpenAI’s GPT-4 Generative AI. This security analysis feature is aimed at helping security professionals understand threat landscapes and quickly detect and respond to potential threats.
Generative AI’s many benefits outweigh security concerns, especially in the talent-crunched cyber market. It can play a defining role in bringing efficiencies in security operations and scaling talent readiness.
Among potential areas we see Generative AI playing a larger role are summarizing incidents and findings, generating clear and concise reports and presentations, and augmenting human analyst capabilities by tailoring responsibilities to the organization’s landscape and enhancing the analyst experience.
Threat detection and response
Managed detection and response (MDR) and extended detection and response (XDR) providers had one of the largest presences at expo booths. As detection and response emerges as a primary shield by enterprises to protect and defend against cyber attacks, demand is increasing for MDR services.
Further, enterprises demand extensive telemetry coverage across not only traditional touchpoints such as endpoints and networks but also across next-generation touchpoints such as cloud, SaaS applications, and Internet of Things/operational technology (IoT/OT).
Our recent analysis of 27 MDR service providers in the Managed Detection and Response (MDR) Services PEAK Matrix® Assessment 2023, found OT and IoT monitoring and response are key differentiators within enterprises.
Shift from best of breed to ease of integration and management
Cybersecurity point solutions have grown 13 times in the past decade, increasing complexity and slowing enterprise decision-making. Enterprises are demanding a shift from best-of-breed solutions to future-proof solutions that are easy to integrate and manage.
This is creating opportunities for providers to approach the enterprise cybersecurity landscape with a consolidation mindset, drive simplification, and reduce the total cost of ownership.
Attack vectors remain a constant
Vulnerabilities, cyber-attacks, ransomware, supply chain security, software bill of materials (SBOM), and breaches remained the buzz at RSAC 2023. Aggravated by the ever-changing and never-ending regulations, the C-suite is in the middle of cybersecurity action, and cybersecurity providers must focus on boardrooms for budget approvals.
Year of identity
Will 2023 be the year of identity? Identity and access management has risen as an area getting maximum budget allocations and missing the CFO’s axe in the current macroeconomic headwinds. Enterprises are looking to get started with identities to fortify their cybersecurity posture, kickstart the zero-trust journey, enhance customer experience, and drive business outcomes from cyber investment.
Everest Group will continue to investigate this growth area. Stay tuned for our inaugural Identity and Access Management PEAK Matrix Assessment.
To discuss RCA and cybersecurity industry trends, please reach out to [email protected] and [email protected].
Dive further into the current Generative AI discussion in our webinar, Welcoming the AI summer: How Generative AI is Transforming Experiences.
