#AI and #GenAI was at the forefront in #RSA conference. Indeed it was expected as was noticable AI slapping on existing products and some stretch claims. One thing was however clear - agility is the name of the game from all actors as shared by Vasu Jakkal.
It took 16 years for smartphones to reach 100M but only 2 months for ChatGPT. AI has indeed changed the pace of innovation and its adoption across multiple industries.
The numbers were also stunning on how adversaries are using AI for scale and sophistication of attacks. #Password based #threats have increased from 3B in 2022 to 30B in 2023 and #cybercrime today is a $8T industry.
Regulators are also getting to action faster as well. Microsoft is tracking new regulatory updates at 250 per day and new AI regulations (see graphic below) take less than a year to craft and pass compared to typical duration of 10 years.
With that background, I was not surprised by the plethora of security solutions at RSA Conference leveraging AI. Almost every vendor demonstrated that.
In contrast, only a handful looked into new GenAI attack surfaces and security issues for enterprises - Shadow AI, #owasptop10 #llmsecurity issues such as prompt injection and hallucination, data provenance, privacy, safety, model stealing, explainability, drift, and governance.
Discoverability, incorporating AI assessments into security posture management #SPM, risk based controls and guardrails to handle user and data risk, AI XDR operational enhancements are some remedies proposed. Will vendors step up to support this blueprint? At a recent #siliconvalleycybersecurity meetup, Steve Wilson had indicated emergence of AI firewalls and the push from startups and VC ecosystem. Palo Alto Networks seemed to be going in that direction with its Precision AI capabilities covering access, #SPM and runtime. Having worked on #modelops at Deloitte, I saw some parallels of it in #SPM and was not surprised.
Cyber security vendor landscape and their products will have to evolve rapidly to address these challenges. By next RSA I expect to see new leaders join current market leaders.
Partner Director, Microsoft Security
4moThanks to every one who contributed to making the first edition of Blue hat India a huge success