5 key takeaways from RSA Conference 2024
At RSA Conference 2024, the infosec industry showed their efforts to push forward in AI and to fill gaps that should help security practitioners do their jobs more effectively.
The RSA Conference continues to draw massive crowds every year, in large part because it presents an avenue for the cybersecurity community to come together, review common challenges, share information and discuss our path forward as an industry.
At the same time, it offers vendors an opportunity to highlight their innovations and approaches to solve problems that security practitioners face. The industry continues to push forward in strategic areas such as AI and to fill gaps that should help practitioners do their jobs more effectively and efficiently.
With another RSA Conference in the books, let's review some key takeaways from the event.
AI in security
Artificial intelligence might be more than a passing trend.
That statement is obviously tongue-in-cheek, but what else can you say? AI is one of -- if not the most important -- macrotrend in tech right now. It's clear cybersecurity professionals already have their hands full, and things are only going to get more complex.
Conversations at the conference focused on both the security of AI and using AI for cybersecurity. Both are critical topics as security teams struggle to ensure generative AI (GenAI) applications are used in accordance with business policy and sensitive data is protected.
Across segments, GenAI is being incorporated by vendors to improve operational efficiency and help security teams fight fatigue, which is directly related to the next trend on this list. The fact that Innovation Sandbox was dominated and ultimately won by AI-focused companies highlights this trend as well.
Security automation
The prevalence of automation continues to grow. Automation remains in the early stages for sure, but as efficacy improves, so will the willingness of security practitioners to let certain tasks be automated.
Application mapping, policy recommendations, suggestions for next steps during investigations and threat hunting activities are all becoming commonplace. We should start to see more security pros willing to take these steps without human intervention over the next year. At the same time, all it takes is one misstep that leads to business interruption for security teams to backtrack, so vendors and practitioners will likely take it slow.
On-premises hardware is important again
When I covered the network security market in the early 2010s, many conversations focused on speeds and feeds. As a result, the RSA Conference offered an opportunity to exhibit the latest and greatest hardware. I wouldn't say that was the case this year, but I did notice a couple appliances on the show floor.
With historically cloud-only vendors now offering on-premises hardware to connect and protect branch and remote locations, it's clear we've fully moved beyond the era of COVID-19. Security teams are looking to modernize and integrate on-premises use cases with the remote ones they've been focused on over the last few years.
Proactive security is the best security
The prevention vs. detection pendulum continues to swing back and forth depending on who you speak to, and both are obviously important, but taking proactive steps to reduce the attack surface as much as possible and limit the impact of an incident remains essential to a successful security program.
The size and scope of enterprise environments means that prioritization is critical to do this successfully, and there were examples of this across the show, including in the Innovation Sandbox.
Microsegmentation
The awareness and implementation of microsegmentation remain disjointed.
Zero trust remains a topic of discussion, but more of an underlying theme than front and center. And that's a good thing. Practitioners have become smart around this topic and vendors have adjusted their messaging and positioning accordingly.
It was interesting to me that there remains a gap between the awareness and understanding of the importance of microsegmentation and the rate of adoption. I think much of this comes down to usability, which both incumbent vendors and new players are working to improve.
With microsegmentation as critical to a successful zero-trust architecture as it is, it's important that these vendors deliver results.
John Grady is a principal analyst at TechTarget's Enterprise Strategy Group who covers network security. Grady has more than 15 years of IT vendor and analyst experience.
Enterprise Strategy Group is a division of TechTarget. Its analysts have business relationships with technology vendors.