{"id":2957,"date":"2025-04-28T18:48:20","date_gmt":"2025-04-28T18:48:20","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=2957"},"modified":"2025-04-28T18:48:20","modified_gmt":"2025-04-28T18:48:20","slug":"ai-looms-large-on-the-rsa-conference-agenda","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=2957","title":{"rendered":"AI looms large on the RSA Conference agenda"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>Thousands of delegates (41,000 attended in 2024) and around 600 exhibitors are in San Francisco to hear talks on the use of generative AI technologies in threat detection, automated vulnerability management, and the ethics of AI in security, among other topics.<\/p>\n<p>Application security will also feature prominently with sessions on software supply chain, API security, software composition analysis, and secure development. Identity and access management will also feature in both conference tracks and the vendor expo sides of the conference. The conference will also host an <a href=\"https:\/\/www.rsaconference.com\/library\/press-release\/finalists-announced-for-20th-annual-rsac-innovation-sandbox-contest-2025\">innovation sandbox<\/a>, highlighting the work of the most promising security startups.<\/p>\n<h2 class=\"wp-block-heading\">AI driving industry disruption<\/h2>\n<p>Speaking ahead of the conference, Deloitte US cyber lead Adnan Amjad told CSO that the rise of AI-driven cyber threats, complex IT environments, and stricter regulations are making secure modernization essential.<\/p>\n<p>Amjad said that the latest wave of innovation is focused on AI as app (or agentic AI), adding that disruption is coming whether enterprises like it or not.<\/p>\n<p>\u201cBusinesses need to move even though the technology may look different in six months,\u201d Amjad said.<\/p>\n<p>Enterprises currently have too many security tools \u2014 offering stove-pipe solutions \u2014 so enterprises need to move away from this approach to develop a blueprint for how AI technologies can be deployed to offer greater integration and improved productivity, according to Amjad.<\/p>\n<p>For example, routine tasks in <a href=\"https:\/\/www.csoonline.com\/article\/3840447\/security-operations-centers-are-fundamental-to-cybersecurity-heres-how-to-build-one.html\">security operations centers<\/a> can be carried out by AI agents, freeing up analysts to work on more strategic tasks.<\/p>\n<p>\u201cEnterprises need to think about how to build greater resiliency from a business perspective,\u201d said Amjad, who added that businesses should look toward security platform consolidation.<\/p>\n<h2 class=\"wp-block-heading\">Rise of the machines<\/h2>\n<p>Charlie Lewis, a partner at management consulting firm McKinsey &amp; Co., similarly predicted that consolidation in cloud security and security operations were key industry trends likely to be showcased during the RSA Conference.<\/p>\n<p>\u201cEnterprises need to integrate security into their software development practices,\u201d Lewis told CSO. Enterprises need to deploy AI-based technologies to stay ahead of phishing threats \u2014 especially since criminals are making <a href=\"https:\/\/www.csoonline.com\/article\/3850783\/11-ways-cybercriminals-are-making-phishing-more-potent-than-ever.html\">greater use of gen AI tools to craft phishing lures<\/a>.<\/p>\n<p>AI technologies also have a role in <a href=\"https:\/\/www.csoonline.com\/article\/3965405\/generative-ai-is-making-pen-test-vulnerability-remediation-much-worse.html\">vulnerability remediation<\/a> and in reducing the mean time to respond against security threats. \u201cThere\u2019s a risk for companies in not deploying AI technologies,\u201d Lewis said, adding that how AI projects improve business metrics will be important in gauging the success of their deployments.<\/p>\n<p>Although better known for keynote presentations by industry luminaries such as Chris Krebs and Bruce Schneier, as well as senior executives from Google and Microsoft, the RSA Conference also offers a chance for CSOs to talk to a variety of vendors in support of planning a project. There\u2019s also the opportunity for delegates to network with their peers. CSO\u2019s Jon Oltsik offers <a href=\"https:\/\/www.csoonline.com\/article\/3965415\/10-key-questions-security-leaders-must-ask-at-rsa-2025.html\">10 key questions CSOs should ask<\/a> as they soak in conference presentations and conversations.<\/p>\n<h2 class=\"wp-block-heading\">AI guardrails come tumbling down<\/h2>\n<p>Some research is also due to be presented at the conference.<\/p>\n<p>For example, AI security testing firm Mindgard is presenting new research on bypassing AI guardrails using novel methods like emoji and Unicode smuggling.<\/p>\n<p>Mindgard\u2019s research team has identified vulnerabilities across the guardrails designed to protect large language models (LLMs).<\/p>\n<p>The study found that character injection methods and algorithmic adversarial machine learning (AML) evasion techniques can successfully and reliably bypass six of the most prominent AI guardrails systems, including Microsoft\u2019s Azure Prompt Shield, Meta\u2019s Prompt Guard, Nvidia\u2019s NeMo Guard, and Protect AI.<\/p>\n<p>The <a href=\"https:\/\/arxiv.org\/abs\/2504.11168\">research<\/a> \u2014 which was disclosed to the affected parties prior to its publication \u2014 highlights the need for more robust guardrail systems, according to Mindgard.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Thousands of delegates (41,000 attended in 2024) and around 600 exhibitors are in San Francisco to hear talks on the use of generative AI technologies in threat detection, automated vulnerability management, and the ethics of AI in security, among other topics. Application security will also feature prominently with sessions on software supply chain, API security, [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":2958,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-2957","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/2957"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2957"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/2957\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/2958"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2957"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2957"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2957"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}