RSA Conference ’23: What’s trending and what could derail SecurityTech solution developers

Cybersecurity continues to grow in complexity as new threats emerge and existing threats become more sophisticated. This was evident at the recent RSA Conference ’23 I attended where keynotes, panels and exhibitors showcased what’s driving developments in this critical field.

A few trending topics emerged as I toured the show floor, listened to speakers, and met with industry players. One especially interesting conversation highlighted the biggest challenge that stands in the way of success for SecurityTech solution providers if they don’t address it now.

Here are my key takeaways:

1. More attention on artificial intelligence (AI): AI has long played a role in cybersecurity. The recent mainstream attention that the latest flavor of AI — Chat GPT — receives brings the technology to the forefront of most conversations. The attention reinforced the need to continually audit AI algorithms to ensure they produce intended results as AI’s capacity to gather data, drive automated decisions and influence security postures continues to advance. It’s also clear that bad actors will use Chat GPT to launch attacks and there is a need for ways to defend against AI-driven social engineering.
2. More U.S. federal government communication of cybersecurity threats: During a panel discussion featuring former government security officials (Chris Krebs, former Director of Cybersecurity and Infrastructure Security Agency under President Trump, and Lisa Monaco, former assistant to President Obama for homeland security and counterterrorism and current Deputy Attorney General), the Department of Justice’s (DoJ) new approach to cybercrime enforcement was outlined. In addition to prosecuting offenders, Monaco said the DoJ is also now focused on disruptive and preventative actions and working with potential U.S. victims on defense and prevention. It’s unclear how the DoJ is coordinating with other agencies and the security community, who will need to assess how to incorporate this evolving source of information about threats.
3. Pending privacy legislation: The American Data Privacy and Protection Act (ADPPA) continues to linger in Congress. Additionally, states are getting anxious and proposing their own versions in multiple state legislatures nationwide. Companies are monitoring progress and have questions about what they need to do to provide proof that their AI algorithms are working as intended and what the audit process entails.
4. Funding for solution developers is heating up: The buzz about the availability of venture capital (VC) funding was louder than I’ve heard in recent years. CrunchBase reports that funding for security start-ups is up from $2.4 to $2.7 billion in 1Q23 over 4Q22. That’s still only half of what it was at this time last year, but the trend line is rising. Anecdotally, the VCs I met with acknowledged slowing down in late 2022 but anticipate the market to be significantly better in the second half of 2023. They told me deal flow is good and they have multiple deals they expect to close in the next 90 days as the pace of funding quickens.

Developing issue that SecurityTech developers need to address

It’s heartening to learn that VCs are still excited about SecurityTech solutions. The issue is that what has emerged in the space is a collection of fragmented point solutions. Innovators tend to solve one specific issue with their products, then market it to organizations that are left to coordinate the functionality with all the other security products they have deployed.

What’s needed is a platform approach to security. This concept goes beyond providing one dashboard from which security professionals can monitor alarms across the network. Rather, developers need to consider how their solutions interact with other security products to enable security automation across the entire infrastructure. Performing as a point product is not a good long-term strategy.

Entrepreneurs are being told that as they initially ramp up as a point product solving a single customer pain point, to be a viable long-term solution, they must build in the ability to scale into a complete platform solving multiple customer pain points.

Where SenecaGlobal plays a role

For our SecurityTech clients, SenecaGlobal provides high-level guidance to architect solutions that address emerging market needs, such as the ADPPA, Cloud/AI and integration with other solutions, and technical experts to accelerate the pace of development.

What I learned at RSA ’23 assures me we’re on the right path to enable clients to meet their development timelines and get it right the first time.