RSAC 2024 has been in full swing for the past few days, and there's no doubt we're excited to see how far AI has come over the past year.
This year's theme was 'The Art of the Possible' and many of this year's sessions showcased the industry's best efforts to illustrate the practical applications of AI and what could happen tomorrow.
From major OEMs like Microsoft to growing EDR/XDR companies like CrowdStrike, attendees will see first-hand how GenAI is impacting cyber operations, compliance, and threat hunting across the board. can.
Traditionally, vendors have focused on how AI and all its components help achieve outcomes for their specific product category or feature. However, this year's conference demonstrated broader applicability and a deeper understanding of what is actually possible for both industry and the public sector. They demonstrate what a responsible, scalable AI program requires and how cybersecurity can move from an inhibitor to an enabler.
Rehan Jalil, CEO of Securiti AI, said in Tuesday's session that the combination of data and AI will drive the biggest transformations across the enterprise. Jalil said this transformation will be driven by increased access to data anytime, anywhere and through any cloud environment.
This capability unlocks the full potential of big data and deep learning across all areas of the digital ecosystem. But with this explosion of innovation and discovery, Jalil said he needs to ensure his AI models have agency, security and governance mechanisms that human operators can leverage. Organizations looking to establish an AI program should continue to follow his best cybersecurity practices, Jalil said.
- Catalog your AI models and agents. Understand what your team is doing and avoid shadow AI activity.
- Assess all catalog models against known risks, regulations, and business use cases, and tightly align all three requirements.
- Understand how cataloged models access and use data sources inside and outside your hosting environment.
- Adapt to the reality that unstructured data will be the focus of GenAI innovation. Effective governance requires security, entitlement management, sanitization, and lineage tracking.
Securiti AI's Jalil also spoke about “contextual memory,” or the ability of AI to maintain broader situational awareness over a period of time about the state of a system than that of a human. This will significantly enhance cyber threat hunting operations, with the potential to detect adversaries that may reside off land or may be using tools specific to the targeted system/environment. will increase.
In one of the other RSA sessions on Tuesday, Caleb Sima, chair of the AI Safety Initiative by the Cloud Security Alliance, talked about how human threat and risk managers can apply contextual insights from a variety of real-time telemetry sources. He said the enhanced capabilities will speed up decision-making. Everything from authorization-to-operation processes to proactive threat management and incident response.
Gaps in coverage may be more easily identified through natural language interactions and queries of existing data sources. This is expected to reduce noise generated from inefficient human queries, enable more targeted, result-driven natural language queries, and foster better communication.
The emergence of human cyber defenders powered by AI assistants such as Microsoft's Co-Pilot and CrowdStrike's Charlotte represents today's “art of the possible.” From what I've seen at RSAC this year, security professionals can expect even greater integration and automation tomorrow.
Philip George, Executive Technical Strategist, Merlin Cyber
