5 key takeaways from RSA Conference 2022

RSA Conference 2022, the annual four-day conference where the world comes together to discuss all things cybersecurity, attracted a robust crowd. More than 26,000 attendees gathered to hear from 600 speakers in more than 350 sessions. The conference also hosted nearly 400 exhibitors. 

For the first time in two years, cybersecurity professionals from around the world gathered in person to discuss the current and future cyber threat landscape and innovative ideas and solutions for how to approach this rapidly changing environment. 

The official theme of this year's event was "transformation," but there were many trending topics at the show. Several of the most pressing included:

• Privacy and surveillance issues
• Positive and negative impacts of machine learning and AI
• Nuances of risk and policy
• Rise of ransomware attacks
• Supply chain compromises 

Also a hot topic? Looming nation-state threats and the U.S. government's responses to them.

While conference talks and presenters covered a wide range of cybersecurity issues, five key subjects dominated keynotes and discussions. Here’s a brief rundown of this year’s trends and takeaways. 

Want to learn more? For a full recap of RSA Conference 2022, check out this on-demand webinar in which cybersecurity experts Aaron Rosenmund, John Elliott, Bri Andersen, and Brandon DeVault share their thoughts on some of this year’s buzziest trends. 

Zero Trust was top of mind for attendees and presenters, as witnessed by the 14 sessions that referenced the topic in some way. Many sessions focused on putting Zero Trust principles into practice and implementing Zero Trust Architecture projects. As vendors increasingly try to push Zero Trust as a service, Pluralsight’s Bri Andersen’s take on the subject was that Zero Trust isn’t a product but a platform that consists of policies, people, and users. Bri described Zero Trust as a strategy that depends on collaboration across all teams—not only the security team—for successful implementation.

Instead of focusing on broader Zero Trust issues, vendors address solutions for specialized segments, such as identity proving that an organization can plug into its overall Zero Trust strategy. Pluralsight author John Elliott saw this as an encouraging sign that the industry is on a forward path to dealing with continuing Zero Trust concerns.

One recurring and powerful topic at RSA Conference 2022 was a push to automate work and simplify workflows and architectures. Sessions included thoughts on automating everything from security operations and pen tests to red team ops and secure code development. 

John suggested that workforce development and investing in people and processes offer the best solution. However, he stressed that while organizations must be able to pivot and support their teams, automation still requires trained people to drive the system. To fully support their red teams with automation, organizations need to do the manual work and invest where it matters. In the long run, an automated red team is a great assurance, but companies need the right people to use and manage it.

In an industry where burnout and lower engagement are a growing problem, it’s not surprising that hiring and retention were common themes at the conference. Bri noted that attendees and vendors were divided between two camps: those with a hiring perspective and those concerned with increasing retention and lowering attrition. Culture, work-life balance, and solving cybersecurity skills gaps were top of mind with the hiring camp, while the main concerns of those focused on retention were new tactics on PTO time, remote work, and a stronger emphasis on employee mental health options.

Software bill of materials (SBOMs) was another focus of RSA Conference 2022, especially as work-from-home policies, increases in online service exposure, and a push to cloud services present extra vulnerabilities and complications. Pluralsight’s Aaron Rosenmund feels that SBOMs will most likely become a part of every organization’s asset management that will also extend into software components. 

Vulnerabilities in second- and third-party vendors will also need to be examined, as they could affect a company’s systems. However, Aaron stated there’s no way of detecting all vulnerabilities unless an organization has software automation solutions. While there were vendors and sessions at RSA addressing this topic and possible solutions, the general thought was that people are still trying to fully understand what should be inside an SBOM. 

One of the main trends that emerged from the conference was the rapid rise and growing popularity of extended detection and response (XDR). In today’s complex cybersecurity landscape, relying on point solutions isn’t enough. The focus on XDR comes as organizations increasingly need unified protection across multiple environments and sensors, from physical and connected devices to virtual and cloud platforms to hosted workloads. 

Aaron’s take is that XDR is a logical spinoff of endpoint detection and response (EDR), which Rosenmund pointed out has been highly successful in dealing with security challenges over the past years. The question, according to Rosenmund, is how organizations integrate XDR into existing processes where they’ve already had success. He also noted there is still no one solution that solves problems that existed two years ago.