Dear Reader, 

The RSAC in San Francisco has come and gone and there were significant threads to follow, including an emphasis on digital hygiene and using defensive AI to encourage it.  A good chunk of the Biden administration were in attendance to ensure the industry that the government has got their back, including Jen Easterly, head of CISA, SecState Anthony Blinken, and HSSec Alejandro Mayorkas.  There were several outstanding keynotes, but in particular, Bruce Schneier outlined a very positive way of using AI in government: to help the electorate access government services.

But there were also moments that usually won’t make the news, like:

• Chase (Dr. ZeroTrust) dressed as Randy “Macho Man” Savage because he lost a bet
• The desktop DLP provider who thought it would be a good idea to use a Tesla Cybertruck for a street billboard and ignore basic traffic laws… and being praised for “marketing genius.”
• Antonio Sanchez, cybersecurity evangelist for Fortran, explaining why he requires the deletion of the term “AI” from all marketing content, “because, it’s just too much.”
• A dozen emails from companies cancelling briefings that we never agreed to attend.

We saw several companies advancing the use of AI in cloud-based detection and response with Sumo Logic, Blumira, ArmorCode and ZeroFox. There were companies looking to detect deepfake use of AI, including Reality Defender and Normalyze. And as the EU is forcing Apple to open it’s App Store to sideload malware-infected apps, Promon and Quokka are providing defensive technology for mobile security.

In the coming year, we are going to have to drill down on things like email and messaging security, identity privacy, data sprawl, “hacking the hackers,” and vulnerability management.  We also found additional aspects for coming special issues on Election Security, AI defenses and cloud security.

A point of personal pride came from our regular opening question: “Are you familiar with the magazine.” In 2022 and 2023 the answer was always, “No.”  This year it was almost always yes, along with references to specific articles we’ve published in the past 6 months. 

We also solidified our relationship with the infosec.live community and will be announcing several joint programs going into 2025.

In other news, our latest special issue, in conjunction with the Cloud and Cybersecurity expo in Frankfurt, is out and we take a look at the importance of protecting backups in cloud computing, talent acquisitions, and interview with Andy Grolnick, CEO at Graylog, on API security and more.

Coming up is our Election Security issue. We will have interviews with the first US Congressional candidate with ACTUAL cybersecurity training and with cybersecurity expert Harri Hursti, and articles from companies specifically focused on keeping elections honest.  We will also offer a video discussion of how to make informed decisions without relying on social media or political advertising. We have room for more so contact us soon.  Deadline is the end of June.

 For those who are interested in a printed issue: in October we'll be distributing the magazine at it-sa, Europe's biggest cybersecurity expo and congress. Last, but not least, our final issue for this year, due in December, will focus on AI.

Happy reading

Lou Covey, Joe Basques and Patrick Boch

Our Cloud Security Issue

RSA Conference 2024

The cybersecurity industry is just absolute chaos, and rightly so.  This is the industry charged with plugging dikes during the Class-5 hurricane that the internet seems to be today.  Nowhere is that chaos more evident than at RSAC just from a marketing perspective. Everyone has “ground-breaking”, “industry-leading”, and “first ever” product offerings and this year was no different.  But if you can look past the Macho-man impersonations, Formula One cars, and the mesmerizing miasma of the website and show floor, you can see an order forming in the chaos. Change is coming.