Lessons & Takeaways from RSA 2023: "Stronger Together"
The largest cybersecurity conference in the world concluded this year with reminders of evolving threats and positive messages about what’s possible when working together to defend our most valuable assets. I had the opportunity to join discussions during the conference about what we’ve learned from recent historical events. I have confidence that collectively, we’ll use those lessons to create a more resilient digital environment in the future to foster and build trust with our partners, customers, and the public. Here’s what I learned from RSA 2023:
The Changing World of Cybersecurity
The world events that plagued our headlines in the last five years have changed the way we relate to each other, the way we do business, and the way we think about cyber threats. During the Cybersecurity Tech Accord fifth anniversary celebration this week, I joined industry leaders and our SAP delegation ( Tim McKnight , Niall P. Brennan , John W. Coovert , Wiebke Thelo , Jay Thoden van Velzen , Michelle P. B. ) to discuss the challenges that our industry has faced since the 150 global technology companies made a public commitment in 2018 to promote a safer online world for users and customers everywhere.
Since this pledge was taken, there has been an evolution of cyber conflict including the rise of misinformation, increased mistrust in institutions, an explosion of ransomware attacks, the sophistication of AI in cyber threats, and the rise of nation state attacks. The COVID-19 pandemic and mandatory lockdowns also led to an acceleration in our dependence on technology as well as global commercial cloud adoption, implying an increased attack surface for threat actors.
The current state of cyber and the world events that influenced it, reveal unprecedented challenges, including general pessimism towards overcoming cyber threats. At the same time, I believe it has also brought us closer together. I know I am not alone in believing that our industry has the power to make real change happen. Organizations are becoming more aware of the importance of working together and with others in our field, including the public sector, to defend the digital ecosystem in which we all depend.
Developing the Cyber Workforce
An urgent matter the Chief Trust Office at SAP has been working on is developing the cyber workforce. Our partnership with U.S. colleges and universities, including HBCUs, is a result of our investment in developing early talent to fill the cybersecurity job gap and increase diversity in the field. We opened year-round internships to students representing diverse backgrounds and experiences, to give them an opportunity to explore a career in cybersecurity. Finally, we have invested in training for our current employees and have given them the tools they need to further specialize in their field. I was fortunate enough to see how the efforts from other organizations have come to fruition at RSA through the celebration of amazing women in the industry throughout the conference.
领英推荐
Emerging Technology
AI was a common theme throughout RSA, and there was extensive discussion about how and if we should regulate this technology. SAP sees the exciting and rapid development of technology as an opportunity and have dedicated significant resources to AI, microelectronics, quantum computing, and clean energy technology — all while keeping security in mind. This commitment is also outlined in Pillar 4 of the National Cybersecurity Strategy, which is an opportunity for businesses and governments to keep up with emerging technology and use it to our advantage.
Public and Private Partnerships
It is nearly impossible to secure a digital ecosystem unilaterally and protect oneself without the public and private sectors working together. Thankfully, the National Cybersecurity Strategy provides a much-needed roadmap for collaboration between agencies and industry partners, particularly in the technology sector. By building relationships with government agencies like CISA’s Joint Cyber Defense Collaborative, and in complement with domain experience, experts can access the best threat intelligence, in order to adequately respond to anomalies, alerts, and events, and build resilience for future and emerging threats.
Looking Ahead: Rebuild and Regain Trust
I participated in another discussion with Ambassador at Large for Cyberspace and Digital Policy Nathaniel Fick and Founder of NightDragon Dave DeWalt , which focused on how a collaboration between the private and public sectors can help alleviate the mounting pressures from threat actors. With the release of the most recent White House National Cybersecurity Strategy, the industry now has a more clear directive on what to do to create a more resilient and secure digital environment with the help of the public sector.
There are two recommendations I’d like to contribute to the conversation: a call for an agency level position to advocate for citizens digital rights and a higher accountability in cybersecurity. I believe public sector would also benefit from a federal Chief Trust Officer or bureau that can focus on rebuilding the trust that has been lost in the last five years.
In conclusion, the inspiration and ambition from the week, gives me hope for the future of cyber and for the ongoing collaboration between industry and governments. As the Chief Trust Officer, it has been my job to foster trust with customers and be transparent about how we process and secure their data. Cybersecurity needs to have a seat at the table in leadership in more businesses. CEO’s and board members should be aware of the role of security within their organizations. As an industry, it is our job to simplify, promote, and inform our leaders and community on the importance and impact of cybersecurity.