interos.ai’s own Dr. Andrea Little Limbago, SVP of Applied AI, discusses her takeaways and highlights from this year’s RSA Conference. Original post is authored here.
This year was different. As tens of thousands of security practitioners descended on San Francisco, it was against a backdrop of global uncertainty. From the near-term economic fluctuations to the daunting horizon of 2027 when some futurists predict the onset of artificial general intelligence (AGI) while others forecast a Chinese invasion of Taiwan, the macro-environment permeated discussions much more so than in the past. For some, a natural inclination might be to revert inwards or accept a nihilistic perspective. Instead, after four intense days, my key takeaways highlight the progress, collaboration, and actions that are already underway to help advance security in an uncertain future.
Global Shifts
This year, I was fortunate to present twice on the shifting environment at the intersection of cybersecurity, geopolitics, and AI. In the first presentation, we focused on the strategic impact of the pager attacks, and whether they will demarcate a ‘before ‘and ‘after’-times for cyber norms. Specifically, we addressed the weaponization of supply chains for geopolitical objectives – a topic fueling resilience conversations at interos.ai. The consensus is, although we have not yet seen successful, copycat attempts, we are indeed in a new era of cyber norms and should expect to see supply chains weaponized – even lethally – in the future.
In the second presentation, an amazing panel and an engaged audience debated which regime type will best leverage AI – authoritarians or democracies? While democracies have the first mover advantage, due to IP theft, investment control, and lax guardrails, authoritarians currently have the advantage. The panel was split on whether this advantage will persist.
I have spent over a decade covering the intersection of geopolitics and cybersecurity. The interest in this topic this year compared to the past is incomparable. In my own presentations, and elsewhere throughout RSA, there was a much stronger interest and engagement in this topic. The dramatic transition from previous years where there was minimal interest except in niche parts of the community to a more widespread acknowledgement of this growing risk was extremely stark.
Secure (AI) by Design
Undoubtedly, AI was the buzzword of the conference. There were several hundred presentations on AI, both for offense and defense, governance and compliance, for good and for malicious objectives. As a member of the AI and Security program committee, I also had the privilege to assess the key trends from the research community, which not only addressed the potential misuse of AI, but also introduced innovations in securing the AI supply chain.
With examples of AI manipulation ranging from LLM grooming to malware development to security bypass features, there is growing awareness of this growing risk. Researchers and organizations are actively implementing new defenses and solutions to support AI innovations while introducing guardrails to minimize misuse. If acquisitions are any metric of the growing interest and monetization behind secure AI, then there are strong signals that secure AI will be a growing requirement and necessity as the world charges ahead toward AGI.
Many Voices. One Community.
“Many Voices. One Community.’ was this year’s RSA conference theme. The value of collaboration and community was iterated throughout the week. While participating on a panel for the Infra Gard National Cyber Defenders seminar, we discussed the challenges of supply chain and third-party risk, and frequently highlighted the necessity to work together, both internally across departments as well as across the supply chain. A similar theme emerged during the NightDragon panel on The Future of AI, which focused on the monumental innovations already underway as well as the urgent role of communities and collaboration across all aspects of cybersecurity.
As a member of the Global Council for Responsible AI (GCRAI), I have the honor to collaborate with leaders in this field from across the globe, knowing that cybersecurity – and secure and ethical AI – is not an issue we can address alone, but rather teamwork and collaboration are key.
Impact and Teamwork
On the last day of the RSA Conference, I was fortunate to attend a panel addressing the cyber poverty line, wherein the majority of businesses lack the resources to secure their networks in today’s threat landscape. Among the many insights, it was noted that there are 73% fewer cyber insurance claims when larger, well-resourced companies provide technical or other forms of support to their key suppliers, who suffer disproportionately from successful cyber attacks. Teamwork is critical to raising the security posture across supply chains, including those well-resourced companies who benefit from supplier security.
In true spirit of this year’s theme, Wednesday’s keynote by basketball legend and entrepreneur, Magic Johnson, personified the core take-aways from the week. He, too, stressed the role of teamwork and impact, acknowledging the range of teams that have been critical to his own success. He also identified how to leverage competition to make yourself, and your team, better and more resilient. At a time of growing geopolitical competition, we must lead by example, work together to build resilient communities, and use the comparative advantage of partnerships and alliances to create a more secure tomorrow.
We are here to be your partner on the path to eliminating risk from your supply chain and building a more resilient future. interos.ai maps and monitors risk by using AI to surface what matters most to help you uncover risk before catastrophe strikes.
