San Francisco — The RSA Conference — The 33rd annual RSA Conference, RSAC 2024, commenced in the Golden City on Monday. Themed “The Art of Possible,” the event is currently hosting over 40,000 cybersecurity professionals from more than 130 countries at the Moscone Center through Thursday. Participants are sharing their expertise with the goal of making the world a safer place.
In his keynote speech at the RSA Conference, Hugh Thompson, Executive Chairman of RSAC, reflected on his 16 years as program chair: “The difficult challenges we face daily in cybersecurity, the things that are so hard, and the problems that seem impossible, are actually possible to overcome through community.”
In his address, Thompson applauded the RSAC community, which has spent 33 years collaboratively addressing complex cybersecurity issues. According to the chairman, this year’s conference saw a record number of submissions in response to its call for speakers.
Thompson emphasized the power of collective action in his speech, saying, “Community unlocks possibility. Individuals may be smart, but as a community, we are wise. People can get overwhelmed, but a community can endure and even thrive. Individuals are strong, but as a community, we are formidable.”
In his opening remarks, Thompson also highlighted three major trends and issues in cybersecurity: burnout, artificial intelligence, and risk management.
After a significant spike in 2021 due to the pandemic, burnout levels among the cybersecurity workforce had been consistently declining. Recently, however, levels have rebounded to those seen three years ago. This resurgence can primarily be attributed to heightened demands for liability—meaning increased legal and regulatory responsibilities to secure data and systems. Additionally, there is greater pressure for meticulous reporting and the continuous need to respond to persistent cyber threats like ransomware.
AI has been a recurring theme in the RSAC program for many years, but according to Thompson, its presence has never been as pronounced as it is this year. He explained that AI will play a central role in discussions at the conference, emphasizing its importance in enhancing and maintaining control over IT assets.
Thompson also addressed nuance in risk management during his speech. He observed that when a new threat emerges in the ecosystem, there’s often a flurry of discussion about its various aspects and potential for exploitation. “In the following year, you will typically see some kind of framework introduced to address it,” he noted.
However, Thompson went on to caution that the mere act of imposing a framework doesn’t necessarily equate to the problem being solved. “The word framework,” he added, “is commonly used in the context of management, but relying too heavily on it in risk management can easily lead to a false sense of security.”
Thompson concluded his speech, saying that the letter “C” in the RSAC means three Cs this year: the content that we share, the connections that we make, and the community we have.