At RSA Conference 2024, the theme is “The Art of Possible.” According to Dr. Hugh Thompson, Executive Chairman of RSAC and Program Committee Chair in his keynote speech, “It’s a phrase that, on the one hand, is meant to inspire hope, but it also serves as a warning. We should never underestimate what is possible by our adversaries.” He then went on to echo the concepts that ran through many of today’s speeches that focused on what is possible when organizations leverage the power of the cybersecurity community and work together as a collective whole while minimizing risk, reducing employee burnout, and working with the massive potential in artificial intelligence while safeguarding against its abuses.
The cybersecurity community is constantly learning, innovating, and adapting. With attendance of over 40,000 cybersecurity professionals from more than 130 countries, RSA Conference is a testament to how many passionate professionals are willing to share their hard-earned expertise in an effort to strengthen the rest of the community. During one of the first sessions of the day titled Life After the Breach: a Survivor’s Guide, panelist Russel Ayres offered advice to those struggling in the aftermath of a sustained attack, “You have friends in this group. This group, it’s a very close-knit community. Reach out to the community.” Hugh also believes in the strength of this community as he explained, “community unlocks possibility.”
Risk and burnout are inextricably linked to one another and to the cybersecurity industry as a whole. Much of successful cybersecurity is analyzing potential weaknesses, determining what level of risk they present, and developing approaches to minimize, if not eliminate, these risks. When the job is done well, security is seamless and it is impossible to determine how many attacks are prevented. Those in the industry are locked in a constant battle to prevent bad actors from bypassing security measures and compromising a system. However, living in a constant state of preparedness for an attack can take a heavy toll on individuals tasked with defending the system.
In “Building Your Roadmap to Cyber Resilience – Five Things You Can Do Today,” Jennifer Minella and Alex Sharpe detailed the steps that professionals can take to prepare themselves and their organizations for the inevitability of an attack and prevent some of the associated stress that comes with unknown risks. Unaddressed, this stress, coupled with increased reporting responsibilities and liabilities is producing burnout levels that haven’t been seen since 2021. In addition to rising levels of burnout, Hugh also sees this level of risk causing “the protectors,” as he called them, to hesitate to act which is against their natural instincts and is leading to more successful attacks.
This year’s conference committee saw a record number of submissions relating to AI. Although many of the submissions related to the question of how organizations can use AI to better perform their work, there were also a large number that were concerned with the speed at which AI is being adopted. Hugh relayed that many asked, “how do I know that I have the right compensating controls?How do I know that this new evolving risk surface is under control?” These are questions that are expected to be addressed throughout the week in sessions such as “Homeland Security in the Age of Artificial Intelligence” and “Tackling Deepfakes, Wars, and Other SecurityThreats in the GenAI World,” that will take place tomorrow.