The RSA Conference will be held in San Francisco from May 6th to 9th, drawing cybersecurity professionals from around the world. This year's conference is filled with conversations about generative AI. How to use generative AI to protect against attacks, and how to protect generative AI itself.
A collection of RSA's enterprise business technology news most relevant to IT and technology decision makers. This article will be updated across RSA with additional technology news highlights.
Google uses Gemini AI to update Google security operations and more
Google is combining the security capabilities of information security company Mandiant and malware scanner VirusTotal with Gemini AI and Google's own user and device footprint to offer a new service called Google Threat Intelligence. It will be available starting May 6th wherever Google Cloud Security is distributed. Google Threat Intelligence uses Gemini AI to provide a top-down view of security data and competes with Microsoft's Copilot for Security.
Additionally, Google announced:
- New, curated detections for Google Security Operations. It's designed to reduce manual processes and suggest findings relevant to the broader Google Cloud, and has been updated to include recently detected threats.
- Mandiant's AI Consulting Services. You can red team both your organization's AI defenses and how AI could compromise your organization's security.
- A new service leveraging Gemini's security.
IBM and AWS study: Generative AI's unpredictable risks are worrying executives
During RSA, IBM and AWS released a report on how executives are thinking about the security of generative AI. According to the report, less than a quarter of respondents (24%) said they incorporate security as part of their generative AI projects. This could indicate that hyperscalers have a niche to fill as the business of securing AI projects becomes more mainstream.
Most respondents are concerned about the security implications of generative AI, with 51% concerned about unpredictable risks and the emergence of new security vulnerabilities, and 47% worried about new threats targeting AI. I answered that I am wary of such attacks. IBM proposed a framework for securing generative AI as a solution, released in January 2024.
Risk and governance frameworks are key to ensuring the security of the generative AI, IBM, and AWS covered in the report. Additionally, IBM is extending X-Force Red's testing services to AI, including generative AI applications, MLSecOps pipelines, and AI models.
See also: Adobe's Firefly and Content Credentials open season has begun for some bug bounty hunters. (Tech Republic)
Proofpoint adds AI screening to email security products
At RSA, Proofpoint announced two new email security services.
- Pre-delivery semantic analysis. Detect social engineering emails based on large-scale language models to stop email fraud and malicious links before they reach your Microsoft 365 or Google Workplace inbox.
- Adaptive Email Security is an integrated cloud email security solution that automatically isolates and accounts for behavioral anomalies in high-value targets.
Both of these email security services will be available starting May 6th. Adaptive Email Security is available only on a rolling basis to select customers who already have a standard email security package and have identified high-risk employees.
Cisco and Splunk extend Cisco Hypershield
At RSA on May 6, Cisco announced one of the first results of its March acquisition of Splunk. Cisco has added two of his capabilities to its Cisco Hypershield data center and cloud security product, allowing you to:
- Detect and block attacks from unknown vulnerabilities in your runtime workload environment.
- Isolate suspicious workloads.
Cisco also announced that Cisco Identity Intelligence AI analytics is now available on the Cisco Duo security platform, adding specific tools to capture identity-based attacks.
Splunk on May 6 announced a new asset and risk intelligence solution called “Asset and Risk Intelligence.” Splunk Asset and Risk Intelligence is currently in early access.
TechRepublic covers RSA remotely.