Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

RSA 2023 is a wrap, but that doesn’t mean we are finished with the annual event. Sharing information, success stories, and lessons learned lies at the heart of RSA. And after a week of talking to attendees and pundits, giving demos, and gleaning knowledge from a slew of sessions, it’s going to take some time to sort through all the treasure from that trove of knowledge. For starters, here are a few of the more noteworthy sessions we saw at the show.

Enterprise security operations teams find it increasingly difficult to maintain a hardened posture against advanced network and cloud threats. Given the rapid adoption of cloud platforms and software-as-a-service (SaaS) tools, cloud application traffic has overtaken web traffic to dramatically expand the attack surface. As a result, overreliance on traditional security controls can lead to increased blind spots, and control misconfigurations can create significant business risks.

Security teams face unique challenges in today’s rapidly-changing landscape of phishing, malware, and other social engineering and cybersecurity threats. Collaboration across disparate teams and siloed tools adds additional layers of complexity to security teams’ day-to-day operations. When security teams use different systems for simulated phishing, security awareness training, incident response and remediation, it is difficult to track and optimize the full lifecycle of an incident.

New data provides a multi-faceted look at the changing face of phishing attacks. This data includes who’s being targeted, the tactics being used, and why phishing attacks continue to work. If 2022 is any indication of what the remainder of this year will hold for organizations fending off cyber attacks, cybersecurity efforts are going to need a whole lot more emphasis.

In today’s one-click world, organizations of all sizes should be committed to improving their cyber security posture. Helping them to mitigate the risk of a data breach and protect their critical assets. This means having the right technology, processes, and people to monitor the environment and respond to incidents quickly and effectively. According to a recent IBM analysis, the average cybercrime takes 280 days to detect and contain and costs businesses up to $3.86 million.

Waves of change are constantly disrupting companies of all sizes around the world, particularly when it comes to cybersecurity. Digital infrastructure keeps expanding, work models constantly change, and the web between businesses gets more and more intertwined. It’s no surprise that CISOs and risk leaders are evolving. A majority of boards now see cyber risk as business risk, so they’re asking hard questions around risk and exposure.

Read the highlights from BSidesSF, a community event that brought together speakers, workshops, and villages to help us all learn to be safer.

The people closest to your business can sometimes cause the most damage. Yet while top-secret data leaks are headline news today, most insider threats are well-intentioned people who just screw up.

With the dust now settled and life returning to some semblance of normalcy, we’ve still been ruminating on our week in San Francisco. It was an incredible and busy week, with a lot of top notch sessions, discussions, and of course the bustling expo. We compiled some of our daily thoughts after each full-day at the show, which you can read here, but now with some perspective, we wanted to share our four most memorable takeaways from RSA Conference 2023.

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.