Rising AI tide sweeps over RSA Conference, cybersecurity
AI is everywhere at RSA Conference 2023, though experts have differing views about why the technology has become omnipresent and how it will best serve cybersecurity.
SAN FRANCISCO -- AI was a major focus at RSA Conference 2023, but experts differ on what AI's moment in cybersecurity will actually be.
RSA CEO Rohit Ghai kicked off RSA Conference 2023 by focusing on the role of AI in security. On stage at a Monday keynote at the Moscone Center, Ghai said that AI advancements represent a new disruptive technology wave following the emergence of the internet, cloud and mobile computing.
"We all sense that it is cresting," he said.
Ghai said AI technology will improve identity and access management, specifically zero-trust architectures, by collecting and analyzing massive amounts of data and security signals.
"AI can watch and learn actual access over time and build fine-grained access models that humans could not process," he said. "AI will make zero trust possible."
AI has rapidly become one of the major focal points of the tech industry this year after Microsoft announced a multi-billion-dollar investment in ChatGPT publisher OpenAI. The security vertical has proven no different, as Monday at RSA Conference 2023 featured multiple AI-themed security announcements.
Google on Monday announced Google Cloud Security AI Workbench, a new security offering the vendor described as an "industry first" security suite that uses generative AI. The AI powers services including prioritized breach alerts, automatic threat hunting and Chronicle AI, which allows users to "search billions of security events and interact conversationally with the results, ask follow-up questions, and quickly generate detections, all without learning a new syntax or schema."
IBM similarly announced its AI-powered security suite Monday, named QRadar Suite. The offering compiles new versions of multiple QRadar solutions such as QRadar SIEM and QRadar EDR and XDR, and connects them with a new AI-focused interface. Its artificial intelligence features similarly include alert prioritization and automated threat hunting, though there are differences between the two platforms.
Those launches follow Microsoft's unveiling last month of Security Copilot, an OpenAI-powered digital assistant designed to help overworked security professionals better prioritize potential threats and risks.
OpenAI earlier this month launched a bug bounty program on Bugcrowd. Bugcrowd founder and CTO Casey Ellis said AI's big moment in security is due in part to ChatGPT putting the technology into the public's hands.
"This is not necessarily just things that are fundamentally transformative, regenerative AI and large language models," he said. "The overall idea of AI is something that we've been working with the whole time -- it's just that everyone's able to actually understand what it is."
Although several AI offerings were announced at RSA 2023, AI and machine learning have been utilized in technology -- and security -- for years, if not decades.
John Dwyer, head of research at IBM X-Force, similarly told TechTarget Editorial Tuesday that he doesn't think the recent shift toward AI strictly represents technological innovation. Instead, he said, it indicates an acceptance of AI's place within the enterprise.
"People have been talking about AI and machine learning for years and years," he said. "But I can tell you from working in the IT space, and then the security engineering space, and now in this consulting space, there was definitely a lot of hesitation into allowing AI to do what it was designed to do and actually carry out tasks on behalf of a human."
However, Dwyer said AI technology is becoming a necessity for security. "What I think has happened is that organizations are starting to realize that from a security point of view, there's no way in which they can keep pace and scale with the ever-evolving threat landscape without handing some decision making off to an AI model," he said.
Raj Rajamani, chief product officer of data, identity, cloud and endpoint at CrowdStrike, said he felt the industry environment has shifted to be become far more receptive to AI tech. And like Dwyer, he agreed that there is simply too much security data to process and analyze without using AI.
"The number of attacks is growing exponentially, the horsepower on these systems are growing exponentially," Rajamani said. "Without AI and data science, there is no other way to solve these problems, whether it's cybersecurity or even general purpose."
Alexander Culafi is a writer, journalist and podcaster based in Boston.