
May 13, 2024

RSAC 2024 Recap: The Art of the Possible with AI & Cyber Risk Management

This year’s RSA conference theme was The Art of the Possible. It built on last year’s motif, Stronger Together, and advanced the spirit of collaboration and cyber resilience. The conference also highlighted how innovative technologies like AI, now a linchpin of cybersecurity, are expanding what’s achievable. AI’s central role spans various disciplines, enhancing everything from behavioral analytics to automated incident response. Yet, the pressing need for cyber risk management and lowering the risk of breaches due to vulnerabilities were at the top of all executives’ minds.

Interestingly, the 2024 Verizon Data Breach Investigations Report (DBIR) confirms this, noting a 180% year-over-year increase in breaches caused by vulnerability exploitation. Additionally, the DBIR mentions that 50% of critical vulnerabilities took almost two months to patch. Clearly, there is a connection between executive sentiments and real-world data.

Further, during our meetings at RSA, several executives described the challenges of prioritizing cyber risk. In particular, they struggle to aggregate, deduplicate, normalize and interpret the IT and cybersecurity data generated by disparate sources across their environments.

Others noted the growing trend towards integrating cybersecurity more closely with business operations. Their security teams are expected to demonstrate their efforts’ return on investment (ROI) and articulate cyber risk to the board.

Amidst this backdrop, there is growing optimism about AI’s potential to address these challenges. For instance, the Balbix AI-powered Cyber Risk Management platform can prioritize cyber risks, such as vulnerabilities and misconfigurations, across your entire attack surface (on-premises, cloud and IoT/OT) and quantify risk in monetary terms that non-technical executives understand. Ultimately, Balbix helps CISOs demonstrate the effectiveness and ROI of their investments to their executive teams and boards of directors.

Refining Risk-Based Vulnerability Management

Building on these insights, many at the conference emphasized the growing need for risk-based vulnerability management (RBVM). As the need for greater operational efficiency in cyber risk management increases, there has been a discernible shift within the industry from the conventional use of Common Vulnerability Scoring System (CVSS) metrics towards a more holistic approach that leverages Cyber Risk Quantification (CRQ) to prioritize risks based on the potential financial impact to the organization, not just risk levels or probabilities. Balbix has partnered with Verizon to bring CRQ to the forefront. By combining Balbix’s automated risk quantification expertise with Verizon’s extensive data insights, the partnership promises a comprehensive solution to help organizations clearly understand, prioritize, and mitigate cybersecurity risks in a quantifiable way.

AI is everywhere, but how do you know what is real?

While nearly every vendor’s messaging is “AI-powered,” only a few tools actually use AI technology. Organizations considering AI for vulnerability management or risk quantification should ask their vendors the following:

  • How do you train your AI models?
  • What do you use to train your models?
  • What specific AI techniques do you employ?
  • How do you utilize large language models (LLMs)?
  • What limitations do LLMs have in solving particular problems?

A genuinely effective AI-powered tool should deliver an accurate, contextual assessment of vulnerabilities by analyzing severity, threats, asset exposure, security controls and asset criticality data. This allows organizations to prioritize their remediation efforts on the most critical risks, enhancing their overall security posture.

Context is king, but why is it so hard to be contextual?

Another common sentiment voiced by cybersecurity professionals at RSA was the importance of context. They wanted tools that understand their organization’s environment—asset criticality and user behavior—to provide actionable insights. However, every tool has its unique data structure and format. Aggregating and normalizing all the data is a challenging problem, and very few organizations have been able to do it successfully. Without context, most organizations will struggle to reduce their risk meaningfully.

Everyone wants ROI, but how do you show ROI?

Many organizations voiced their desire to understand the effectiveness of their current tools and information security programs, and how that effectiveness translates into monetary terms. In other words, if they deployed an endpoint security tool, what would be the reduction in breach risk, and what would the ROI be? To get an honest answer, organizations must first understand their breach impact and then measure the reduction in impact after the tool is deployed. CRQ can help solve this challenge.
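To make the CVSS-versus-CRQ argument from the RBVM section and the “measure impact before and after” ROI point concrete, here is an added toy expected-loss model over constructed findings (example code written for this recap, not Balbix’s or Verizon’s model). The likelihood weights, the `Finding` fields and the sample values are assumptions chosen to illustrate the contrast, not calibrated figures.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Finding:
    vuln_id: str           # constructed identifier, not a real CVE
    cvss: float            # severity: CVSS base score, 0-10
    exploited: bool        # threat: known exploitation in the wild
    internet_facing: bool  # asset exposure
    controls: float        # share of likelihood removed by existing controls, 0-1
    asset_value: float     # asset criticality expressed as breach impact in USD

def likelihood(f: Finding) -> float:
    """Toy annual probability of compromise via this finding (assumed weights)."""
    base = f.cvss / 10 * 0.3            # severity alone contributes at most 30%
    if f.exploited:
        base *= 2.0                     # active exploitation doubles it
    if f.internet_facing:
        base *= 1.5                     # exposure raises it again
    return min(1.0, base * (1.0 - f.controls))  # controls suppress the remainder

def expected_loss(f: Finding) -> float:
    """Annualized expected loss: likelihood times monetary impact."""
    return likelihood(f) * f.asset_value

def rank_by_cvss(findings):
    return sorted(findings, key=lambda f: f.cvss, reverse=True)

def rank_by_crq(findings):
    return sorted(findings, key=expected_loss, reverse=True)

def roi(findings, control_effectiveness: float, annual_cost: float) -> float:
    """Net annual ROI of a new control that removes `control_effectiveness`
    of each finding's residual likelihood: loss before minus loss after, minus cost."""
    before = sum(expected_loss(f) for f in findings)
    after = sum(
        expected_loss(replace(f, controls=1.0 - (1.0 - f.controls) * (1.0 - control_effectiveness)))
        for f in findings
    )
    return (before - after) - annual_cost

# Constructed sample: a critical-CVSS bug on a low-value, well-controlled box
# versus lower-CVSS but exploited, exposed bugs on high-value assets.
SAMPLE = [
    Finding("VULN-A", 9.8, False, False, 0.5, 50_000),
    Finding("VULN-B", 7.5, True, True, 0.0, 2_000_000),
    Finding("VULN-C", 5.0, True, True, 0.2, 500_000),
]

if __name__ == "__main__":
    print("CVSS order:", [f.vuln_id for f in rank_by_cvss(SAMPLE)])
    print("CRQ order: ", [f.vuln_id for f in rank_by_crq(SAMPLE)])
    print("ROI of a 50%-effective control costing $200k:", roi(SAMPLE, 0.5, 200_000))
```

The CVSS ranking puts VULN-A first, while the expected-loss ranking puts it last; the ROI figure is exactly the before-and-after impact comparison the paragraph describes.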

Final Thoughts

AI is revolutionizing cybersecurity. As we head into the second half of the year, it’s clear that The Art of the Possible with AI is driving the cybersecurity community toward a future where risks can be inferred, prioritized, and mitigated much faster than previously possible. The journey is just beginning.