The recent RSA Conference 2023 in San Francisco was a clear indication of some of the most important trends in cybersecurity and a guide to current enterprise security priorities, a leading analyst has commented.
Mauricio Sanchez, Research Director of the Dell’Oro Group, attended the event at the Moscone Center, along with over 600 vendors, and noted that SASE, while still important, was not attracting the same excitement as previous years perhaps on account of marketing fatigue.
“The hot discussion around runtime application security, including API security, has spread out as part of the ‘left shift’ movement to greater design and coding security,” he noted. “Now there’s a greater breadth and depth of solutions to consider as part of a comprehensive cloud application security that inevitably has shifted the conversation to more generalized concepts like data and software security. As a result, cloud application architects now have an abundance of tools to contemplate.”
Sanchez also observed that AI in the form of ChatGPT is starting to enter the security arena, if ‘just scratching the surface of possibilities’. “ChatGPT has shined a bright light on AI and generated many new discussions about its possibilities,” he said. “It wasn’t surprising to hear ChatGPT dropped by more than a few vendors at RSAC 2023. It wasn’t part of the formal vendor marketing messages on the show floor, its arrival happened too recently have made it into any of the marketing, but many vendors in discussions talked up adding AI-driven natural language processing. NLP promises that it will make solutions easier to use and increase the effectiveness of security admins. For example, rather than hunting through dashboards or reams of events, the security admin will be able to ask questions such as, ‘Where is my greatest security risk?’”
He also discovered that applications and IT infrastructure security are still top of mind: “It used to be that IT infrastructure teams held the keys to the security kingdom since applications could only get deployed once the infrastructure team did so,” said Sanchez. “Infrastructure owned the servers, storage, and networking that applications relied upon. From a security perspective, infrastructure teams tended to put significant thought into the application data security lifecycle because, over many years, they had come to understand the security implications of data in motion, in use, and at rest. However, applications teams hated having to wait for the infrastructure teams. The infrastructure teams lost most of the security control when the cloud-based paradigm arrived with its continuous integration/continuous development on ephemeral infrastructure, also known as a cloud DevOps culture. Applications teams could now do as they pleased without involving or waiting for the infrastructure teams. But unfortunately, cloud application security is far from as mature as it had been in the traditional monolithic days involving the infrastructure team. Consequently, security posture has suffered and led to notable cloud breaches. However, as the saying goes, necessity is the mother of invention.”