5 Big Statements From Cybersecurity Leaders At RSAC 2023

Top executives from Palo Alto Networks, CrowdStrike, Cisco, Microsoft and Trellix spoke out about current cyberthreats, generative AI and the cybersecurity talent shortage during keynotes at RSA Conference 2023.

CRN editors Kyle Alspach and Wade Tyler Millward talk about the hot topics at RSA 2023, including the roles of generative AI and the channel in cybersecurity.

Biggest Statements At RSAC

This week at RSA Conference 2023, top executives from some of the largest and most influential cybersecurity vendors took the stage for a series of packed keynote sessions. And the execs — from companies such as Palo Alto Networks, CrowdStrike, Cisco, Microsoft and Trellix — delivered keynotes on some of the key issues of the moment in the security world. Those included cyberthreats and adversary tactics, the cybersecurity talent shortage and, of course, generative AI (the unofficial theme of RSAC 2023).

Trellix CEO Bryan Palma, for example, weighed in with his view on how cybersecurity teams can get the upper hand on attackers — by embracing offensive security. “Ransomware groups are attempting to destroy our businesses. Yet all we have is defensive tactics,” Palma said during his keynote Tuesday at RSAC 2023. “Shouldn’t we have an opportunity to not only strike back, but strike first?”

Among the other prominent executives who delivered keynotes at RSAC 2023 were Lee Klarich, chief product officer of Palo Alto Networks; George Kurtz, co-founder and CEO of CrowdStrike, along with Michael Sentonas, president of CrowdStrike; Vasu Jakkal, corporate vice president for security, compliance, identity and management at Microsoft; and Jeetu Patel, executive vice president and general manager of security and collaboration at Cisco.

What follows are the five biggest statements from cybersecurity leaders at RSAC 2023.

Lee Klarich, CPO of Palo Alto Networks

“I actually believe security is solvable. I actually believe that this is a winnable battle … There are some incredible things that are happening in technology that give me optimism. No. 1, over the last several years, the ability to operate at machine scale — leveraging what effectively is unlimited compute, unlimited bandwidth in the cloud — to change the way security is delivered, completely changes the notion of what can be done … AI is most powerful when it is driven by great data. And I actually believe that through the cloud-delivered, machine-scale that we can now use in our security architectures, if we have the potential to really collect the best possible data to drive AI-based outcomes [then] AI does have the power to be truly transformative in cybersecurity … I believe the third requirement of achieving great cybersecurity is we have to start to become much more prescriptive in how to accomplish the outcomes that are needed. It is not enough to provide 100 different options. To truly transform how we do cybersecurity, we have to provide the path. We have to provide a viewpoint on how we achieve the outcomes we’re trying to achieve. We have to be able to quantify the outcomes. And that is why I’m optimistic about cybersecurity.”

Jeetu Patel, EVP and GM of security and collaboration at Cisco

“We are at an inflection point right now. Every company is rethinking how they are going to use AI. And every vendor is talking about it. And you can’t really blame them, because if you really think about the sophistication of security attacks, it no longer can be handled at human scale. You have to do it at machine scale, or it doesn’t work. Now, the question to ask is, what are the things that need to come together to make AI really a step-function improvement on the insights it can deliver, in security specifically? And there are three things, when you start thinking about AI, that need to come together. One of them is the model. The second is the data. And third is the experience … Now for all of us that have been part of witnessing this massive shift that’s happened with ChatGPT, the reason that they did so well was not just because they had a great model, and because they had great data and great insights. The reason they did well is because they nailed the experience.”

Vasu Jakkal, CVP for security, compliance, identity and management at Microsoft

“This is the Industrial Revolution 5.0, when AI becomes mainstream. And what you’re noticing also is that every single era has built on top of the others shrinking. [With ChatGPT] in three months it reached 100 million users. By comparison, it took mobile phones 16 years to reach 100 million users, and the internet seven years to reach 100 million users. We are at the cusp of something really special. And we need this in security. We need this desperately because the odds today are against the defenders. … We don’t have people to solve our challenges. We need AI. And that’s what gives me hope and optimism. … These security-specific AI models are going to do what we want them to do — augment our humans. Help out defenders and empower them to do things which were not possible. They’re going to help us simplify the complex. They’re going to help us catch what others have missed or what we have missed. They’re going to help us address the talent shortage and really change the paradigm of productivity.”

George Kurtz, co-founder and CEO of CrowdStrike (pictured right)

“You can pretty much live off the land [as an adversary] and not use malware, and just use existing tools — administrative tools, RMM-type tools — to maintain persistence … I’ve been at this a long time. I think I did the first-ever public demo of ‘pass the hash,’ the keynote at Black Hat in 1999. It still works pretty good today in 2023. You know, why get fancy? ... [Adversaries] really like to leverage existing tools that are out there. There’s no reason to get fancy if you can blend in.”

Michael Sentonas, president of CrowdStrike (pictured left)

“For calendar [year] 2022, 71 percent of the attacks — the incidents we investigated — did not use malware at all … When you walk the floors and people talk about [antivirus], people talk about preventing malware autonomously and a whole bunch of other stuff — you’ve got to separate the technical tradecraft that the adversaries use [from] the marketing. Because if your strategy does not involve threat hunting, if it does not involve the basic ability to get visibility into the attacks of the tradecraft, you will get breached, and you won’t know the adversaries are on your network.”

Bryan Palma, CEO of Trellix

“The SOC [security operations center] of the future fights back … How long will we only play defense? We have to go on offense. Ransomware groups are attempting to destroy our businesses. Yet all we have is defensive tactics. Shouldn’t we have an opportunity to not only strike back, but strike first? Our industry boasts a powerful cyber intelligence community. If we collect ample evidence that our adversaries plan to attack us, it should be ‘game on.’ … Does anyone imagine winning by only playing defense? Not likely. I definitely don’t have all the answers on how we effectively leverage an offensive playbook. But what I do know is this: We need a mindset change. Let’s challenge policymakers and politicians to reimagine the rules of engagement.”