The U.S. Secretary of State Antony Blinken unveiled an International Cyberspace and Digital Policy Strategy on Monday, outlining the Biden administration's plan to engage the global community on various technological security issues. Blinken introduced this robust international cyber strategy while delivering a keynote at the RSA cybersecurity conference in San Francisco. The strategic blueprint outlined in the latest strategy displayed the federal government's multifaceted approach to engaging the global community on a wide array of technological security issues, aiming to foster collaboration and cooperation among allies, partners and stakeholders worldwide.

What’s at the Core of the International Cyberspace and Digital Policy Strategy

At the heart of the plan lies the concept of "digital solidarity," characterized by mutual assistance to victims of malicious cyber activity and other digital harms. Digital solidarity entails collaborating on shared goals, capacity building, and mutual support to enhance security, resilience, self-determination, and prosperity. Against the backdrop of ongoing cyberattacks targeting U.S. allies by foreign actors like Russia, China, North Korea and Iran, efforts focus on supporting allies and partners, particularly emerging economies, in harnessing the benefits of digital technologies while sustaining economic and development objectives. The strategy emphasizes alignment with international partners on technology governance, fostering strong partnerships with civil society and the private sector, and promoting cybersecurity resilience through diverse products and services from trusted technology vendors. Moreover, it underscores cooperative efforts to defend and advance human rights and build digital and cyber capacity for long-term resilience and responsiveness. The Department of State, in collaboration with other federal agencies, will advance digital solidarity through four key areas of action supported by three guiding principles:

1. Promoting an open, inclusive, secure, and resilient digital ecosystem.
2. Aligning rights-respecting approaches to digital and data governance with international partners.
3. Advancing responsible state behavior in cyberspace and countering threats through coalition-building and engagement.
4. Strengthening international partner digital and cyber capacity.

Efforts to forge digital solidarity will be reinforced by active participation in international fora to shape obligations, norms, standards, and principles impacting cyberspace and digital technology issues. Leadership in these venues is crucial to safeguarding U.S. interests and values in the evolving digital landscape. Recognizing the significance of digital diplomacy, the Department of State will lead interagency efforts to coordinate cyber and digital technology diplomacy to advance U.S. national interests and values in the coming decade.

Cybersecurity Threats from Nation States

The strategy addresses the malign activities of nations such as Russia, China, Iran, and North Korea, condemning their exploitative use of technology for nefarious purposes, including hacking and espionage campaigns. It highlights concerns about these countries' efforts to undermine international regulatory frameworks and undercut U.S. technology manufacturers through state-sponsored subsidies. “Cyber criminals and criminal syndicates operating in cyberspace now represent a specific threat to the economic and national security of countries around the world,” the International Cyberspace and Digital Strategy said. “Cybercrime and online fraud cause significant harm to economic development, with small- to medium-sized enterprises and financial service providers especially at risk. According to one estimate, the global cost of cybercrime is estimated to top $23 trillion in 2027.”

AI Technology Governance

The landscape of AI technology governance is intricate, as per the latest strategy. While AI systems offer promising avenues for societal progress, the complexities of geopolitics further compound the challenges and uncertainties in their regulation and management. AI technologies hold immense potential to drive knowledge expansion, boost prosperity, enhance productivity, and tackle pressing global issues. However, the rapid proliferation of AI technologies also presents substantial risks and ethical considerations. These encompass a spectrum of concerns ranging from exacerbating inequality and economic instability to privacy breaches, discriminatory practices, and amplification of malicious cyber activities. Moreover, the dual-use nature of many AI applications poses challenges in ensuring that emerging technologies are not leveraged for nefarious purposes, including disinformation campaigns and military advancements lacking adequate human rights safeguards. Balancing risks and rewards requires safeguarding democratic values, human rights, and fostering international collaboration to harness AI's benefits while mitigating destabilizing impacts. The strategy also warns against complacency in critical technological domains, cautioning that failure to act could enable authoritarian states to shape the future of technology in a manner detrimental to U.S. interests and values. By advocating for concerted efforts to uphold a rights-respecting, open, and secure cyberspace, the United States aims to advance a vision of global governance that safeguards democratic principles and promotes innovation and prosperity.  Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

The RSA Conference 2024, the world's biggest cybersecurity event, is currently underway at the Moscone Center in San Francisco. Over 640 vendors are showcasing their latest offerings at the expo, which began on Monday, May 6, 2024 and runs until Thursday, May 9th. For the second consecutive year, generative AI (GenAI) appears to be a major focus for cybersecurity products unveiled at the event. Here's a look at the top 5 companies making a splash at RSAC 2024:

1. Cyble with Vision X

Cyble, a prominent force in AI-powered cybersecurity, has launched Cyble Vision X, the successor to its award-winning Cyble Vision 2.0 threat intelligence platform. Vision X aims to elevate the user experience by granting decision-makers immediate access to critical information. The first phase of Vision X is poised to introduce a series of impactful enhancements, including a revamped "Executive Insights" dashboard that consolidates the most significant intelligence in a user-friendly interface.  Additionally, an improved filter allows users to effortlessly navigate through their data, and a sleeker, more modern, and intuitive design ensures an optimized user experience. Cyble Vision X also boasts several other improvements, such as: 

• A new "Alerts Insights" interface, previously known as "Executive Insights" and rebranded to reflect a more granular level of data analysis. 
• A revamped header and collapsible left pane for a cleaner, more efficient workspace. 
• A redesigned authentication screen that maintains the same API functionality while incorporating aesthetic enhancements. 

For more information, visit Cyble's booth N-2353 at RSA to explore VisionX and their other services.

2. Theori with Xint

Taking a unified approach, Theori unveiled Xint, a comprehensive Security Posture Management (SPM) solution. Xint streamlines security operations by consolidating data from various sources, enabling organisations to gain a holistic view of their security posture and proactively identify vulnerabilities.  Highlights of Xint include: 

• Cloud Security: Continuous monitoring and enhanced visibility into cloud configurations, resource utilization, and access controls to swiftly respond to potential security risks. 
• External Threat Detection: Security tools designed to defend against unauthorized access for externally facing applications, including web applications, APIs, mobile apps, and third-party integrations. 
• Offensive Security AI Engine: A revolutionary approach to penetration testing that combines the expertise of award-winning offensive cybersecurity veterans with cutting-edge artificial intelligence technology that precisely pinpoints vulnerabilities. 

For more information, visit Theori's Booth: 634.

3. New SEI Tool

The Software Engineering Institute (SEI) introduced a novel tool designed to provide much-needed visibility into DevSecOps pipelines. This tool empowers developers to identify and address security issues early in the development process, preventing them from becoming exploitable vulnerabilities in the final product.  The tool, called Polar, is an observability framework that provides a comprehensive picture of a software system's deployment platform. Polar unlocks data captured by disparate tools within an organization, helping to answer complex questions about performance and security that are crucial for real-time decision-making and agility in the face of threats. For more information, visit SEI's Booth: 1743.

4. Cranium with First-of-its-Kind GenAI Exposure Management Solution

Cranium, a leading enterprise AI security and trust software firm, introduced the industry's first exposure management solution specifically designed for GenAI at RSAC 2024. The Cranium platform features an AI-augmented workflow with a secure LLM architecture paired with proprietary threat intelligence to provide visibility into an AI system, characterize attack surfaces, and assess vulnerabilities within an organization.  As the use of GenAI tools like Microsoft's Copilot for Microsoft 365 grows, concerns around potential misuse and exploitation also rise. Cranium's solution offers a critical layer of protection against such attacks. Their exposure management solution can help organizations identify and mitigate potential security risks associated with GenAI tools, ensuring these powerful AI-driven applications are used securely.

5. Vectra AI Expands Platform to Combat GenAI Attacks

Vectra AI, a leader in hybrid attack detection, investigation, and response, has recognized the evolving threat landscape with the rise of GenAI and has expanded its AI platform to combat GenAI attacks. Vectra's enhanced solution leverages advanced AI and machine learning to detect and neutralize sophisticated attacks that may exploit the capabilities of GenAI tools. Traditional security solutions might struggle to identify these novel attack methods, so Vectra's AI-powered platform offers a vital line of defense.  Catch up with our team at our open house, Attack Labs Live, at the Nasdaq Entrepreneurial Center