Security Leaders Discuss Industry Trends at Dark Reading’s News Desk at RSAC 2023

RSA CONFERENCE 2023 — San Francisco — Cybersecurity leaders dug into a broad array of topics during their News Desk conversations with Dark Reading at this year’s RSA Conference. From emerging security technologies (CNAPP), critical infrastructure attacks, identity management, virtual networking, and generative AI, these News Desk interviews covered a lot of ground. There were conversations about automation and vulnerability management, as well. Check out our YouTube playlist of all the topics that came out of Dark Reading News Desk during RSA Conference 2023 in San Francisco.

Xage Security on How An Identity-First Approach Can Stop Attacks on Critical Infrastructure

Xage CEO Duncan Greatwood traces the rapid rise of critical infrastructure attacks back to the Colonial Pipeline attack a few years ago, noting the vulnerability of both information and operational technologies.

TXOne Networks on Industrial Security Is Evolving to Keep the Operation Running

Terence Liu and Jeff DePasse of TXOne Networks talk about the heightened profile of critical infrastructure in the National Cybersecurity Strategy, as well whether policies for information technology can also work for operational technology (OT).

Mandiant Consulting, Google Cloud on Mandiant Report: Dwell Time Decreases While Ransomware, Extortion Flourish

Mandiant’s Charles Carmakal digs into the findings from the company’s latest annual M-Trends report, noting that average dwell time has decreased to 16 days.

Beyond Identity on What Is Zero-Trust Authentication and Why Does It Matter?

Beyond Identity’s Patrick McBride takes on the multitude of challenges and shortcomings with most existing authentication technologies, as well as some advancements that will improve the effectiveness and accuracy of authentication.

Sumo Logic on Why We Aren’t There Yet With Security Automation

Dave Frampton of Sumo Logic Security describes the challenges organizations face with security management, and where automation falls short in fulfilling them.

Yinon Costica of Wiz talks about cloud-native application protection platforms (CNAPP), and how their combined functionality streamlines operations for security professionals.

Corey Bodzin of Automox pulls apart the results from the company’s latest IT operations report, which shows that companies are reducing the number of tools they use for endpoint management.

OpenText’s Geoff Bibby shares the latest findings from the company’s cybersecurity global threat report, and discusses the issues that small, medium and large business are up against where threats and attacks are concerned.

Invicti’s Patrick Vandenberg reveals findings from the company’s latest AppSec report, looking at trends Invicti has recently observed and how they’re evolving.

SlashNext on How Generative AI is Changing the Threat Landscape

Patrick Harr of SlashNext takes on that form of artificial intelligence known as generative AI, which has been linked to new, more devious attacks on organizations, their data, and users.

Darktrace on A Closer Look At the Shifting Email Security Conversation

Email is still by far the most common entry-point for a cyber-criminal, according to Dan Fein of Darktrace.

Lookout CEO Jim Dolce talks about the expansion of attack surfaces with more work-from-home and hybrid work employees, and has some suggestions for locking down devices, apps, and end users.

Rick McElroy of VMware talks about the ongoing threat — and danger — posed by lateral movement by attackers within a target organization.

ZeroTier on What Leaders Need To Know About Modern Virtual Networking

ZeroTier’s Marc Patterson talks about the emerging security solution known as virtual networking, not to be confused with virtual private networking.

Delilah Schwartz of Cybersixgill unpacks the findings of the company’s report on the cybercrime underground, and all it reveals about new tactics and targets.

AT&T on What Security Pros Should Know About the Evolving Edge Ecosystem

Theresa Lanowitz of AT&T Business discusses how the advent of edge computing has created inadvertent security risks for organizations.

Brendan O’Connor of AppOmni makes the case for why CISOs and their teams should be building programs that handle the security for software as a service (SaaS).

Brad Rinklin and Renée Burton of Infoblox discuss the company’s recent rebranding that unites networking and security, as well as how this combination delivers improved performance and protection.

Elastic Security on Expanding Cloud Security Capabilities With Improved App Security

Mike Nichols of Elastic Security digs in around extended detection and response (XDR) as a major tool in the cybersecurity arsenal.

JupiterOne founder Erkang Zheng talks about how today’s companies can get a better grip on what they need to manage and how to secure their assets properly.

Mend on How Automation is Driving Supply Chain Security and AppSec

Mend CMO Arabella Hallawell talks about the wakeup call from supply chain security failures, the role of application security, and how improved dependency management can reduce the scope of the attack surface.

Expel on How Better Integration of Systems, Apps Bolsters Enterprise Security

As the threat landscape morphs and presents new hazards, so has the pressure for tighter integration among security systems and applications, according to Expel’s Dave Merkel.