Reading view
World CyberCon META Wraps Up, Highlighting Dubai’s Expanding Cybersecurity Prowess
World CyberCon META Edition: Diverse Sessions and Expert Panels
This year’s World CyberCon showcased a diverse array of insightful sessions and expert-led panels. Among the highlights was a compelling panel discussion led by Jo Mikleus, Senior Vice President at Cyble. The panel featured an esteemed all-women lineup of cyber experts, including Irene Corpuz, Sithembile Songo, Eng. Dina AlSalamen, and Afra Mohammed Almansoori. Together, they discussed the transformative impact of AI on cybersecurity, highlighting its crucial role in advancing threat management and security measures. [caption id="attachment_70432" align="aligncenter" width="2800"] (L-R: Dina Alsalamen, VP, Head of Cyber and Information Security Department, Bank ABC; Irene Corpuz - Co-Founder, Women in Cyber Security Middle East; Sithembile (Nkosi) Songo - Chief Information Security Officer, ESKOM; Afra Mohammed Almansoori - Business Analyst, Digital Dubai and Jo Mikleus - Senior Vice President, Cyble Inc. (Moderator))[/caption] The experts delved into how AI and ML technologies are transforming threat detection and response capabilities in cybersecurity. They shared use cases of behavioral analytics, anomaly detection, and automated incident response, showcasing how these technologies are being utilized to enhance security frameworks.Celebrating Excellence: The META Cybersecurity Awards
[caption id="attachment_70404" align="aligncenter" width="2800"] Award Presentation[/caption] The event also celebrated achievements within the cybersecurity community through its prestigious awards ceremony. Heartfelt congratulations go out to all awardees for their pioneering contributions to the field. The awards highlighted the excellence and innovation driving the cybersecurity sector forward. Special thanks to our speakers, attendees, and partners, including Cyble Inc. and Synax Technologies, for their integral roles in the conference’s success. The presence and support of the Ministry of Interior (MoI) significantly enriched the discussions and outcomes of the event. We thank Mariam Alhammadi, MOI SOC Manager, and Saeed M. AlShebli, Deputy Director of Digital Security Department, for their invaluable contributions and insights. Augustin Kurian, Editor-in-Chief at The Cyber Express, shared his appreciation, stating, “The support and engagement from the entire cybersecurity community have been truly remarkable. This year's conference was not only a resounding success in terms of knowledge sharing but also underscored Dubai's role as a prominent tech hub in the face of worldwide digital challenges. A heartfelt thank you to all our participants, and to Dubai for its exceptional hospitality.” [caption id="attachment_70435" align="aligncenter" width="1867"] Augustin Kurian, Editor-in-Chief at The Cyber Express[/caption] World CyberCon META Edition has firmly established itself as a must-attend event in the cybersecurity calendar. The third edition of World CyberCon was a testament to the dynamic and collaborative spirit of the cybersecurity community. The conference provided a vital platform for sharing knowledge, addressing pressing challenges, and exploring innovative solutions. With its blend of expert insights, collaborative discussions, and recognition of excellence, World CyberCon continues to play a pivotal role in advancing cybersecurity resilience. [caption id="attachment_70437" align="aligncenter" width="2800"] Networking during Hi-Tea[/caption]Looking Ahead
The Cyber Express is excited to continue fostering these essential discussions in future editions. The success of this year's World CyberCon META Edition sets a high benchmark for the upcoming editions, promising even more engaging content, expert insights, and collaborative opportunities. As the digital landscape continues to evolve, the importance of such gatherings cannot be overstated. They not only provide a space for addressing current challenges but also pave the way for future innovations and solutions in cybersecurity. For more information about World CyberCon and upcoming events, please visit thecyberexpress.com.World Cybercon 3.0 META Awards Celebrate Champions of Cybersecurity in the Middle East
The Cyber Express Cybersecurity Person of 2024 (META): Man
- Thomas Heuckeroth, SVP IT Infrastructure & Digital Platforms, Emirates Group
The Cyber Express Cybersecurity Person of 2024 (META): Woman
- Dr. Hoda A Alkhzaimi, EMaratsec
The Cyber Express Cybersecurity Diversity and Inclusion Advocates of 2024
- Yana Li, WebBeds
- Dina AlSalamen, Bank ABC (Jordan)
- Rudy Shoushany, DxTalks
- Aus Alzubaidi, MBC Group
- Saltanat Mashirova, Honeywell
The Cyber Express Infosec Guardians of 2024 (BFSI)
- Anthony Sweeney, Deribit
- Bipin Mehta, HSBC Bank
- Syed Muhammad Ali Naqvi, HBL Bank
- Kiran Kumar PG, Alpheya
- Ahmed Nabil Mahmoud, Abu Dhabi Islamic Bank
The Cyber Express Infosec Guardians of 2024 (Government & Critical Entities)
- Talal AlBalas from Abu Dhabi Quality and Conformity Council (ADQCC)
- Abdulwahab Abdullah Algamhi, UAE ICP
- Vinoth Inbasekaran, Dubai Government Entity - Alpha Data
- Dr Hamad Khalifa Alnuaimi, Abu Dhabi Police
- Dr Saeed Almarri, Dubai Police
The Cyber Express Top Cybersecurity Influencers of 2024
- Dr. Mohammad Al Hassan, Abu Dhabi University
- Maryam Eissa Alhammadi, Ministry of Interior
- Hadi Anwar, CPX
- Waqas Haider, HBL Microfinance Bank
- Chenthil Kumar, Red Sea International
- Nishu Mittal, Emirates NBD
- Nisha Rani, Emirates Leisure Retail
The Cyber Express Top InfoSec Leaders 2024
- Mohamad Mahjoub, Veolia Near and Middle East
- Ankit Satsangi, Beeah Group
- Gokul Vasudev, Dubai Health Authority
- Ashish Khanna, SHARAF GROUP
- Abhilash Radhadevi, Oq Trading
- Prashant Nair, Airtel Africa PLC
The Cyber Express Top Infosec Entrepreneurs 2024
- May Brooks Kempler, Helena
- Illyas Kooliyankal, CyberShelter
- Kazi Monirul, Spider Digital
- Muneeb Anjum, AHAD
- Craig Bird, CloudTech24
- Zaqiuddin Khan, Tech Experts LLC
- Alireza Shaban ghahrod, Diyako Secure Bow
Insightful Discussions and Networking
The awards set a celebratory tone that carried through the rest of the conference. The day commenced with a vibrant atmosphere as attendees gathered for registration and explored the exhibition area, setting the stage for a day of insightful discussions and networking opportunities. Augustin Kurian, Editor-in-Chief of The Cyber Express, extended a warm welcome, emphasizing the importance of collaborative efforts in cultivating a secure cyber environment.Keynote and Panel Sessions
Irene Corpuz, Co-Founder of Women in Cybersecurity Middle East, delivered the opening keynote, shedding light on the imperative of incubating security and nurturing a cyber-aware culture, particularly within startup ecosystems. Corpuz's address highlighted the significance of proactive measures in addressing cybersecurity challenges from the outset. Panel discussions served as focal points for in-depth exploration of key cybersecurity issues. From navigating cyber threats to leveraging innovative approaches for threat detection, industry experts provided valuable insights into emerging trends and strategic investments in cybersecurity. Notable panelists included Waqas Haider of HBL Microfinance Bank, Beenu Arora of Cyble, and Azhar Zahiruddin of Chalhoub Group, among others.Diversity and Inclusion
The Cyber Express's World CyberCon Meta Edition event also celebrated diversity and inclusion in cybersecurity, honoring advocates who have championed these principles within their respective domains. Yana Li of WebBeds and Dina AlSalamen of Bank ABC were among the esteemed recipients of The Cyber Express Cybersecurity Diversity and Inclusion Advocates of 2024 award, acknowledging their efforts in fostering an inclusive cyber community. Strategic insights were further highlighted during panel discussions focusing on fortifying against ransomware and the role of AI and ML in enhancing threat detection. Expert moderators facilitated engaging conversations, addressing critical challenges and sharing best practices for prevention, mitigation, and swift recovery.Conclusion
The Cyber Express World Cybercon 3.0 META Cybersecurity Conference successfully raised the bar for the collective dedication of cybersecurity professionals in the META region. By fostering dialogue, sharing insights, and recognizing excellence, the event played an important role in advancing cybersecurity resilience and shaping the future of cybersecurity across industries. The Cyber Express awards recognized the hard work and innovative solutions of the finest brains in cybersecurity, emphasizing the message that collaborative and proactive actions are critical to protecting our digital future. Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.RSA (“RSAI”) Conference 2024 Powered by AI with AI on Top — AI Edition (Hey AI, Is This Enough AI?)
RSA (“RSAI”) Conference 2024 Powered by AI with AI on Top — AI Edition (Hey AI, Is This Enough AI?)
Where do we have “41,000 attendees, 650 speakers, 600 exhibitors and 400 members of the media” who all care about cyber security? Ha, an easy question: RSA Conference 2024, of course!
I started my post-RSA blog tradition in 2006 — most of the blogs of course didn’t age well (“NAC is cool?!? What Year is This!?!” — “Eh… that’s 2007, Anton!”)
Here is my latest (and here is our RSA 2024 recap podcast …).
First, remember my bias: SecOps, cloud security and now securing AI, some data security and some odds and ends. I may not be looking at your favorite security segment (hi AppSec!) as intently as I am looking at SIEM, SOC, D&R, various cloud things and securing AI too.
Themes on the rise:
- AI and GenAI: is there anything more obvious? Well, this is definitely the year where “AI” and “AI-powered” decorated every booth (they missed the bus last year). Many are annoyed by this, but I think this is a healthy sign of a use case discovery phase of GenAI for security. Many tool vendors summarize with GenAI, some explain, some vaguely “assist”, some try to generate playbooks or rules, and, yes, there is occasional magic too. We perhaps will see a lot more GenAI for report writing and yes, some for detection and remediation code creation (but carefully!). BTW, I think “AI-powered ML” is pushing it a bit…
- Still comparatively little of “securing AI” (coincidentally the topic of my RSA presentation): my guess is that we need to wait for more organizations to “trip and fall” with this, before the vendor ecosystem arises to help.
- Cloud security: Cloud security posture management (CSPM) remains very popular (even if hidden inside a CNAPP “combo-monster”), while cloud detection and response (CDR) is gaining traction, with some vendors focusing on other niches (in terms of money spent, “CNAPP = CSPM + CDR + misc”, it seems). And yes, securing various cloud-native services is still growing in popularity, as more organizations a) move to cloud and b) try to evolve from lift/shift to cloud native approaches in their practice (so expect fewer firewalls and more observability). Just as in 2014, cloud security problems are configuration problems, identity problems and — here is the real shocker! — identity configuration problems…
- SecOps, SIEM and SOAR spiced with various flavors of TDR and TDIR: naturally, I’ve looked through all the SIEM with SOAR, SOAR without SIEM and everything in between (now “powered by AI”, obviously). I sense that many organizations have been stuck in the past here (some in distant past… some even in the pre-SIEM, ancient past), and that we can expect more disruption. Some want more detection engineering, others vote for the opposite (essentially, the “EDR-ization of SIEM” where you consume detections rather than engineer them). The latest batch of SIEM vendors were born in 2019 (hi Chronicle now called Google SecOps) and 5 years have passed since that day. Will a new batch of SIEM be born? Who knows, but what I do know that it ain’t the security data lakes… these are so 2014 (hi Hadoop … born in 2006, BTW).
- Vulnerability management (VM): first, I thought that I accidentally time-traveled to RSA 2014, but then I realized that “prioritize what vulnerabilities to fix” is actually rising in importance. Perhaps it is time for the next wave of vendors, perhaps some sort of “Kenna 2.0” will rise as a result. Not sure, frankly, what they can do differently — the problem is often the process/culture, not the tool. By the way, I think that CSPM vendors have rediscovered vulnerability management and so they seem to be intent on repeating and then relearning the mistakes that the VM vendors (“the Q/R/T”) made in the late 2000s and early 2010s (“We can prioritize using exploit data, OMG WOW!!” — “Eh… welcome to 2009?” )
- Identity-Centric Security: while very cliche, “identity is becoming the new security perimeter” and it finally shows in real life. ITDR is rising (many types of it), non-human/workload identities proliferate. I suspect this area will become more fun in the coming months. IAM is not just password changes :-)
- ASPM is here, this means … ADR is coming. I definitely spotted application security posture management on a few booths, some focused on complex enterprise applications, internal application building and some cloud applications (but then it would be CSPM / CDR, no?). BTW we have SSPM (for SaaS) and DSPM (for data). Somebody tried DDR a few years ago (dead now?) and I have not seen people shoot for “SDR” for SaaS Detection and Response name (even though there are vendors effectively doing just that).
Themes on the wane:
- Zero trust: I sense it is lower from a very high point of last year, but I also sense that vendors are finally showcasing tools that extend zero trust principles to many parts of the digital environment, so this may actually be a good thing! ZT is still largely a buzzword, but it may have started the climb towards maturity…
- XDR: there was less emphasis on XDR, with some vendors still promoting it (like why? like … don’t?), but it seems to be falling into the trough of disillusionment.
Random themes we also spotted:
- Email security had a surprising presence at RSA 2024, with several new vendors emerging despite the prevalence of existing solutions, and built-in email security.
Other fun things and ideas:
- The debate between platform solutions and best-of-breed tools continues, with the market showing an obvious preference for single-purpose tools, indicating a vast number of niches in cybersecurity. How do I know that? Well, RSA expo has 600+ security vendors and some sources show 3000–5000 security vendors on the planet. They exist, ergo people buy them, ergo market favors niches. End of the debate. Sorry, broad platform fans. People complain about “too many security vendors” but what do they actually do? Buy from even more different security vendors! Exhibit A: RSA Expo hall 1991-2024+
- The pull of the past remains strong in cybersecurity: with established vendors still present and organizations continuing to use older technologies. Mid-2000s SIEM vendor and early 2000s DLP vendors had decent presence, and some of them can barely spell “cloud”, much less “AI.” Yet they exist, they have customers, the past is real. You say “container”, I say “mainframe” :-)
Fun presentations:
- Kevin Mandia keynote is always awesome, so definitely worth watching!
- Elie B two presentations on AI are just epic (and both are on YouTube, 1 and 2; here is a podcast with him where he tells a scary AI story… it’s just radioactive!)
- BTW, we also did a fun presentation on securing AI with SAIF, but the video is not out yet…
- More Google teams presentations can be found here
“Vendor hat = ON” stuff:
- We launched combined (VT + Mandiant) threat intel thing
- We also renamed Chronicle into Google SecOps
- We also pre-launched some fun things for securing AI.. shhhh
P.S. I also had my first Waymo ride (with no driver at all). It probably changed my life … ok, not really …but it definitely made me shut up about “but Tesla sort of can do it too” because it is absolutely, utterly, unequivocally not the same…
P.P.S. Here is how an AI suggested I start this blog: “From the moment I stepped onto the bustling expo floor, I was immersed in a whirlwind of cutting-edge technology, thought-provoking discussions, and a shared passion for safeguarding our digital world. The sheer scale of the event was awe-inspiring, with thousands of cybersecurity professionals from around the globe converging to learn, network, and chart the course for the future of our industry.” (and no, if you have to ask, I am not doing it … real humans don’t talk like this, sorry AI!). Gemini does an epic job correlating the themes on the Expo floor to presentation topics, for example… It is all about the use case!
Related:
- EP172 RSA 2024: Separating AI Signal from Noise, SecOps Evolves, XDR Declines?
- RSA 2023: Not Under the GenAI Influence Yet!
- RSA 2023 — What We Saw, What We Learned, and What We’re Excited About
- RSA 2023 — How to Protect Your Organization from Cyberattacks in Time of Political Turmoil
- RSA 2022 Musings: The Past and The Future of Security
- RSA 2020 Reflection
- RSA 2019: Happily Not Over-AI’d
- RSA 2018: Not As Messy As Before?
- RSA 2017: What’s The Theme?
- RSA 2016: Musings and Contemplations
- RSA 2015: Rise of Chaos!!
- RSA 2013 and Endpoint Agent Re-Emergence
- RSA 2006–2015 In Anton’s Blog Posts!
RSA (“RSAI”) Conference 2024 Powered by AI with AI on Top — AI Edition (Hey AI, Is This Enough AI?) was originally published in Anton on Security on Medium, where people are continuing the conversation by highlighting and responding to this story.
The post RSA (“RSAI”) Conference 2024 Powered by AI with AI on Top — AI Edition (Hey AI, Is This Enough AI?) appeared first on Security Boulevard.
Live at RSA: AI Hype, Enhanced Security, and the Future of Cybersecurity Tools
In this first-ever in-person recording of Shared Security, Tom and Kevin, along with special guest Matt Johansen from Reddit, discuss their experience at the RSA conference in San Francisco, including their walk-through of ‘enhanced security’ and the humorous misunderstanding that ensued. The conversation moves to the ubiquity of AI and machine learning buzzwords at the […]
The post Live at RSA: AI Hype, Enhanced Security, and the Future of Cybersecurity Tools appeared first on Shared Security Podcast.
The post Live at RSA: AI Hype, Enhanced Security, and the Future of Cybersecurity Tools appeared first on Security Boulevard.
RSA Conference 2024 – Announcements Summary (Day 4)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
The post RSA Conference 2024 – Announcements Summary (Day 4) appeared first on SecurityWeek.
RSA Conference 2024 – Announcements Summary (Day 3)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
The post RSA Conference 2024 – Announcements Summary (Day 3) appeared first on SecurityWeek.
RSAC 2024 Day 2: IoT Security Questions (and Answers)
RSA Conference delivers in terms of interesting dialogues with other cybersecurity professionals, and this year while there is not much on the conference agenda related to IoT security there is a lot of discussion about it. Whether it’s the UK’s Product Security law going into effect at the end of April, the growing focus by […]
The post RSAC 2024 Day 2: IoT Security Questions (and Answers) appeared first on Viakoo, Inc.
The post RSAC 2024 Day 2: IoT Security Questions (and Answers) appeared first on Security Boulevard.
RSA Conference 2024 – Announcements Summary (Day 2)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
The post RSA Conference 2024 – Announcements Summary (Day 2) appeared first on SecurityWeek.
RSA Conference 2024 – Announcements Summary (Day 1)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
The post RSA Conference 2024 – Announcements Summary (Day 1) appeared first on SecurityWeek.