Announcement at RSAC 2023 marks partnership with AI to define the future of cybersecurity

CISOs want a consolidated view of endpoints, identities, and assets across their networks and more efficient real-time data visibility. We also seek pricing help from vendors to stay within budget. A new announcement at RSAC 2023 had to be benchmarked against these two goals.

RSAC proves integrated selling is a team sport

The theme of the conference, ‘Strong Together’, was appropriate given the dozens of new alliances and partnerships being launched. As CISOs push vendors to better integrate their tech stacks and spend to increase effectiveness, leading vendors such as CrowdStrike, Delinea, Google, Mandiant, Accenture and Palo Alto Networks are: I am answering. 2023 will be more than any previous edition of the conference.

The work of Accenture and Palo Alto Networks reflects the value the Alliance has to offer to win long-term engagement. The companies will work together to deliver a joint Secure Access Service Edge (SASE) solution powered by Palo Alto Networks’ AI-powered Prisma SASE, enabling organizations to improve cyber resilience and accelerate business transformation.

Rex Thexton, Head of Cybersecurity Protection at Accenture, said:

It was clear who were the earliest to recognize consolidation as a business opportunity and who were just beginning to recognize the need to create a shared system with robust APIs to meet the needs of CISOs.

CrowdStrike’s integrated strategy, built on XDR, a platform that can use AI to deliver better threat intelligence, is one of the first companies to take a product-based approach to this opportunity. Palo Alto Networks took a holistic approach to integration at last year’s Ignite ’22 conference. CrowdStrike follows up its partnership announced at RSAC 2023 with the announcement of the industry’s first native XDR products for Google Workspace, CrowdStream (powered by Cribl), and ChromeOS.

Alliance Benchmark with Platform Support

A great way to benchmark many new partnerships is to see which ones can share telemetry data and provide a unified view of your company’s network and endpoints. That’s what CISOs want. Absolute Software’s Application Persistence-as-a-Service Ecosystem (APaaS) is an alliance program supported by a scalable platform that allows CISOs to improve effectiveness, real-time data visibility, and network-wide endpoint, identity, and It reflects how it helps you get a unified view of your assets.

Absolute took an innovative approach to designing its APaaS platform, allowing ISV partners to leverage its expertise with Absolute Persistence technology. Absolute’s technology is embedded in the firmware of over 600 million PCs, making it the only self-healing endpoint platform that provides an unremovable digital tether to all devices and endpoints to ensure resilience. increase. By taking a platform-centric approach to APaaS initiatives, ISV partners can leverage application resiliency and measure the health and integrity of all endpoints.

ISVs integrate the Absolute APaaS SDK into their installers. This allows you to register and activate absolute persistence, enabling your app for application resiliency and self-healing on behalf of your end customers.

Absolute’s APaaS won an award in Cyber ​​Defense Magazine’s (CDM)’s Next Gen Cyber ​​Resilience Solution category at this year’s RSAC.

AI is the new DNA of cybersecurity

Cyber ​​attackers routinely use ChatGPT to personalize phishing messages, craft ransomware code, fine-tune malware-free attack strategies, and automate how they search for open ports in target organizations. To do. Cyber ​​attackers can move faster than the most efficient cybersecurity and security operations center (SOC) teams and technologies, reinventing attack strategies in minutes and moving from one continent to another to avoid detection. move the attack.

All breach attempts are designed to exploit human weaknesses such as social engineering and overwhelming complexity, speed, and scale. Machine learning and AI are needed to tackle the challenge of containing a breach.

Of the many outstanding keynotes given at RSAC, Vasu Jakkal (Microsoft CVP, Security, Compliance, Identity and Privacy) and Jeetu Patel, EVP and GM of Cisco’s Security and Collaboration Business Unit, are the most memorable. I gave the remaining two lectures. Both speakers articulated a vision of AI that defined AI as the new DNA of cybersecurity. Each noted how important it was to achieve machine size and speed to counter attacks.

“When we think about why we need AI, we need to remember who we are,” Vasu explained in an insightful and engaging keynote entitled Defending at Machine Speed: New Frontiers in Technology. bottom. “Today, the threat landscape is challenging. We went from 567 attacks per second to 1,287 attacks per second, which equates to tens of billions of attacks. Cybersecurity is very complex. The average defender is dealing with 70+ tools at any given time, and it takes a long time to research and strategically consider all this work so that AI becomes a game changer.”

Cisco’s Patel told VentureBeat at RSAC this week: “So, not knowing what is legal activity means not knowing what regular activity you are doing. Ultimately you face the following dilemma. If we can’t deal with these attacks and the increasing sophistication of human-scale attacks, we’ll have to deal with them at machine-scale.

“To address at machine scale, we need inseparable data and telemetry. We need correlations between domains. So the concept is [a] Cross-domain native boundaries are very important. Because it feeds AI models that help detect anomalies better. This allows us to not only detect breaches faster, but do the right thing to respond as quickly as possible. ”

Patel’s keynote, Threat Response Needs New Thinking. Don’t ignore this important resource. Worth seeing.

Integrated AI is table stakes

The RSAC event also showed which cybersecurity vendors are taking a systematic, platform-based approach to augmenting existing AI systems with more adaptive models. CISOs want real-time data visibility and a unified view of endpoints, identities, and assets across their networks, supported by AI-based insights.

VentureBeat spoke with several RSAC CEOs to learn how they perceive the value of AI in their current and future product strategies. NextDLP CEO Connie Stack told her VentureBeat: AI and machine learning algorithms can analyze patterns in data and detect anomalies that can indicate security breaches or unauthorized access to sensitive information long before policy violations occur. ”

Stack also mentioned how NextDLP is considering it. This allows security teams to take proactive measures to prevent data loss or exposure. Our customers and prospects are excited about the potential of AI and ML applied to DLP use cases. They see great potential in reducing the manual work involved in detecting data loss so that valuable security resources can be reallocated to other tasks. ”

Most CEOs and CISOs put insider threats higher on their list of priorities than last year. The reason: Many companies haven’t announced layoffs, but tech workers are feeling uneasy as news is frequent that his leader is laying off thousands of employees. . VentureBeat asked his Stack how AI can be used to mitigate or eliminate insider threats on the NextDLP platform.

She told VentureBeat: AI and ML algorithms monitor user behavior and enable organizations to immediately detect and respond to potential data loss incidents. Behavioral analytics can quickly detect anomalous patterns, such as accessing sensitive data outside of normal work hours or downloading large amounts of data to external devices, to help analysts follow up without violating policy. Flag for up. ”