
Secure by Design: A Shift in Cybersecurity Paradigm Promoted at RSA Conference

I also wanted to highlight some of the news from last week’s RSA Conference.

At the RSA Conference, several AI security companies showcased products aimed at using AI to mitigate cyber threats. CalypsoAI introduced a feature to create a vulnerability scanner without coding, Protect AI released Sightline, an AI and machine learning supply chain vulnerability database, Trellix rolled out Trellix Wise for threat detection, and Deep Instinct introduced DIANNA to predict hackers’ tactics.

Some key themes emerged: the surge in DDoS attacks targeting web applications, the importance of AI-driven next-gen SIEM solutions, the escalating cyber threats from financially motivated crime groups and China-backed threat actors, the latest developments in quantum cryptography, and the ongoing ransomware crisis and the need for improved defensive capabilities.

The Cybersecurity and Infrastructure Security Agency’s (CISA) new “secure-by-design” pledge relies on the commitment of 68 tech manufacturers to enhance product security. The pledge includes increasing multifactor authentication, reducing security bugs, speeding up security patches, and publishing a vulnerability disclosure policy. However, CISA does not plan to strictly enforce this pledge, leaving companies accountable for their promises. CISA plans to convene signatories throughout the year to discuss progress.

The pledge focuses on enterprise software products and services, aiming to shift the security responsibility from individuals to manufacturers. The pledge includes goals such as increasing multifactor authentication, reducing the prevalence of vulnerabilities, and being more transparent about vulnerabilities.

Why do we care?

The Secure by Design pledge is notable. Pay attention to who signs… and who doesn’t. For me, that’s the headline coming out of the event.

The emphasis on AI-driven solutions and the move towards secure-by-design principles suggest a proactive and foundational approach to cybersecurity, and let’s not lose sight of the foundations. That assumes you and your customers are executing there.