RSA Conference: XDR and Risk-by-Context are the Cybersecurity Dream Team

From 24 to 27 April, asvin CEO Mirko Ross and asvin CTO Rohit Bohara were part of the RSA Conference in San Francisco. Inspired by the setup, topics and visitor structure of the event, Mirko here gives a short review of the meeting of the cybersecurity scene in the capital of the Bay Area.

Question: What was your experience at the RSA Conference, what was helpful?

Answer: First of all, as the founder and CEO of a cybersecurity company from Europe and especially from Germany, it was very interesting for me to get insights into the cybersecurity market in the US. It is impressive how big the topic of cybersecurity has become in the USA! How many people and players are participating in this conference!

Q: In fact, the RSA Conference is, by its own admission, the world’s leading cybersecurity conference and exhibition. This year’s event attracted over 40,000 attendees, including more than 650 speakers, more than 500 exhibitors and more than 500 members of the media. Among the most pressing topics at this year’s conference were issues around AI and threat modelling, the changing face of ransomware and malware, the challenges and opportunities of generative AI, and the far-reaching impact of open source.

A: Precisely. It is also striking that the US market is much “noisier” than the European market. There, the discussion between providers and users is very lively. The way they present their products is “positively aggressive”, they approach each other head-on, get straight to the point, focus on solutions and sales. In Europe and Germany, people are still much more reserved, especially when it comes to cyber security. We should change that. Cybersecurity is cool!

Q: What was your thematic highlight?

A: From my point of view, the main topic was everything to do with XDR (Extended Detection and Response) – a huge focus at RSAC. It became clear that what we do at asvin with our risk-by-context solution fits super well into the XDR theme. The feedback we received at our stand and at the trade fair in general was correspondingly great. We spoke with many interested parties from the USA, especially Silicon Valley, but also from Europe.

Q: How did you perceive the reactions to ChatGPT & Co?

A: Everyone is very concerned about the big language models. Some fear that attackers can create perfect phishing emails or deep fakes, for example. For example, the audio authentication thing: with the traceability of audio profiles and additionally with the next generation of video identification, we will get into the situation that video identification systems are no longer suitable for authentication because they can be simulated by AI.

Q: What about our risk-by-context approach? Do we have AI in there?

A: Yes, of course. But good ones, because safe. Two things are important here. First, how can we use AI for better pattern recognition to find risk patterns? That is one possibility. We are currently working on that. It’s not part of the product at the moment, but it’s definitely something we’re working on. The second point and dominant theme at RSAC and beyond is how to secure AI in general. So how can we evaluate how trustworthy and secure are all the models that are currently building it? This debate is ongoing and will keep us busy for some time. This is where XDR comes into play again, namely the challenge of how to detect things that are not obvious. And how to optimise your response to them. Risk-by-Context gives a much more accurate overview of things and situations that are not obvious. We don’t stop at lists of CVEs here, but can prioritise criticalities with Risk-by-Context.

Q: Doesn’t this give risk analysis a completely new status?

A: Every time our prospective clients came up with this very point in conversation, they had a gleam in their eyes. With the Risk by Context method, asvin makes a significant new contribution to optimisation in Cyber Threat Intelligence and Situational Awareness. In addition, the method opens up an explainable (trustworthy) introduction of new security metrics. And it enables forecasts on the predictive impact of cyber attacks on command and control systems in OT environments. The optimised processing of risks also optimises the use of resources in terms of personnel and materials in risk minimisation. We are thus making a significant new contribution to increasing resilience in OT command and control systems.