
What were the hottest topics during RSA Conference

Jul 12, 2022 | BLOG

Cybersecurity issues have gained importance in organizations of all sizes and segments. After all, cybersecurity risks are increasingly associated with business continuity, which makes the protection of the infrastructure a hot topic from the operational level to C-level meeting rooms. According to IBM's 2021 Cost of a Data Breach report, the average cost of a data breach was $4.24 million, a record compared to previous years. As malicious techniques evolve, attackers are always one step ahead of cybersecurity professionals, who must work to catch up with them.

For this reason, information security teams need a full picture of how those malicious agents work in order to properly protect the organization's environment. This can be achieved through training, which includes participation in specific cybersecurity events. One of the most recognized events in the cybersecurity market is RSA Conference, which takes place annually in Silicon Valley, specifically in the city of San Francisco, CA.

The 2022 edition took place at the Moscone Center between June 6th and 9th, after a break from in-person events because of Covid-19. During this period, more than 45,000 cybersecurity professionals from all around the globe had an exclusive opportunity to gain knowledge and valuable insights from the sessions offered at RSA Conference.

Those sessions cover a wide range of topics, where attendees are able to learn about the latest and most advanced cybersecurity solutions in the market. We prepared a list of the hottest topics covered during the RSA Conference to help those who couldn’t attend the conference understand the trends in cybersecurity for the upcoming years.

 


The first topic is Zero Trust, which can be defined as a set of principles used in designing, implementing and operating an infrastructure. In this context, it is important to mention NIST's Zero-Trust Architecture Guide, which provides guidance on how to implement a Zero Trust-based architecture. President Biden's 2021 Zero Trust executive order reinforces the commitment of the American administration to ensure the cybersecurity of its agencies. An important message from the conference about Zero Trust implementation was: start small, don't boil the ocean. This means that organizations should not try to achieve the maximum level of Zero Trust from the outset. Instead, cybersecurity leaders should start with small steps and then move forward into Zero Trust.

Another popular (and interesting) topic during the conference was ransomware. Some widely known ransomware groups have specialized in big game hunting, meaning that they look for big targets to obtain bigger ransoms. At the same time, recent studies have found a 40% increase in successful attacks against SMBs. The sectors most affected by ransomware are consumer goods and healthcare, which are especially targeted. According to a study conducted by Rapid7, the most commonly leaked data in ransomware incidents is financial (63%), followed by customer/patient data (48%). Ransomware-as-a-Service was also a hot topic during the RSA Conference, especially because it allows malicious actors with no IT knowledge to design their own ransomware campaigns. There were also discussions about whether companies affected by ransomware should pay the ransom or not. Cyber insurance is one way companies can mitigate risks related to ransomware.

The next hot topic covered during RSA Conference 2022 was software supply chain attacks. According to a study by Argon Security, these attacks grew by more than 300% in 2021 compared to 2020. Another study from Akamai Technologies found that, through the first half of 2022, significant increases were observed in web application and API attacks across the globe, with more than nine billion attack attempts to date. In recent years, supply chain attacks have become an efficient way for hackers to target many organizations from a single entry point. Organizations have suppliers all over the world, but at the same time they don't know those suppliers. It's not worth investing in software security if you can't ensure your supply chain is secure. SolarWinds and Log4j are examples of attacks where attackers exploited the supply chain.

The shortage of cybersecurity professionals was also a hot topic during the conference. According to the World Economic Forum (WEF), the world is lacking 3 million cybersecurity professionals. They say that "there is an undersupply of cyber professionals—a gap of more than 3 million worldwide who can provide cyber leadership, test and secure systems, and train people in digital hygiene."

We have produced an exclusive webinar with the coverage of RSA Conference 2022. You can view it through this link.

senhasegura is a PAM solution with a quick and easy deployment process in our environment. Besides this, it is intuitive, which makes it easier to provide training to users and admins. By using senhasegura, your company is able to ensure compliance with the strictest cybersecurity policies, reducing cybersecurity and business risks.

 
