RSAC 2024

We Asked 14 Top Cybersecurity Experts And Leaders What They Are Most Excited About. Here’s What They Told Us.

At RSAC 2024 Expert Insights met with security experts and executives from some of the leading global cybersecurity companies, including Cloudflare, IBM Security, Zscaler and more. Here’s what we learned.

The 2024 RSAC Conference at the Moscone Center in San Fransisco

The year’s biggest global cybersecurity conference is wrapping up in San Francisco, and attendees are heading home with a head packed full of cybersecurity discussions and a rucksack packed full of branded socks.   

The undeniable key theme of the show this year was how security is being reshaped by AI, both in terms of new technologies and emerging threats. As Patrick Coughlin, SVP Global Technical Sales at Splunk told Expert Insights: 

“We roll our eyes at AI, but I like when RSAC is happening and there is an undertone of excitement around it. It weaves a little bit more energy into everybody and it lets us all tell the same joke and roll our eyes at each other. It also helps remind us why we are all here. Security is about getting the enterprise and the business comfortable with new technologies, and we’ve got a big one happening now. That reminds us what our mission is.”

This week the Expert Insights team with top CEOs, executives, and cybersecurity experts from some of the world’s biggest cybersecurity companies. We asked each of the experts we spoke to: What are you most excited about in the cybersecurity space. 

Here’s what they told us:

Mike Britton, CISO, Abnormal Security

Profile photo of Mike Britton

Most excited by: AI that can help teams keep pace with innovation.

Security always lags behind technology. I always feel like we have to run to keep up with what’s going on in IT. It always feels like security is lagging to what is going on technology wise, and I think that is part of the problem. But there’s a lot of promise with AI, where there’s an opportunity for security to stay on pace with technology. It also annoys me the most, because every single vendor on the conference floor has the word AI plastered on their booth!”

Steve Winterfeld, Advisory CISO, Akamai

Profile photo of Steve Winterfeld

Most excited by: The innovations in the fight against fraud.

“I’m a fraud nerd. The thing I’m seeing more lately is return fraud. There’s a lot of customer hijacking, there’s a lot of typical fraud. When I was a CISO at Nordstrom bank, owning much of Nordstrom’s security infrastructure, we spent a lot of time on fraud. Fraud is always such a dynamic area. I’ve seen some new talks recently on the innovation within return fraud.”

Dave Gerry, CEO, Bugcrowd

Profile photo of Dave Gerry

Most excited by: Better collaboration between CISOs.

CISOs are continuing to learn from each other. They’re continuing to invest heavily in understanding what their peers are doing. We’ve seen this play out over the last couple of years in particular, there’s certainly less competition. Even in two competing organizations, the security organizations still meet and talk and share feedback and share advice. I think what we’re realizing as an industry. We have to have unity and it’s a team sport. Because everyone is facing very similar attacks. They may be different, based on industry or vertical or segment, or where they sit in the market. But fundamentally, they’re seeing many of the same attacks and we are seeing a need for sharing information. I think we’re going see that across the entire industry.”

Larry Wiggins, VP, Security Technology & Operations, Cloudflare

Profile photo of Larry Wiggins

Most excited by: The unknown potential of AI. 

“I’d be lying if I didn’t say AI. I think there’s huge opportunities that we are only just starting to tap. Everybody looks at AI as: “How can I do things faster?” If I’m a developer: “How can I develop, redevelop the things that have already been done?” And then there’s obviously, you know, large dataset problems. But I think the most exciting parts of AI, as it relates to security, have yet to be discovered.”

John Bennett, CEO, Dashlane

Profile photo of John Bennett

Most Excited by: Collaboration in the cybersecurity vendor space.

“It’s the level of collaboration. The conversations I’m having where there’s high recognition: we understand that the game has changed. What’s going on globally in the world, with the rise of nation state malicious actors, that is our competition. That is what we’re solving for. And I’m really encouraged when at scale, very large platform players in this space, recognize that we need to work together. I’m very excited for just the awareness of we have a really important role to play in society and I’m so excited about the openness and the willingness to have meaningful conversations on areas that we need to work together on.”

Joseph Carson, Chief Security Scientist (CSS) & Advisory CISO, Delinea

Speaker Profile: Joseph Carson | EIC 2023

Most excited by: The power and potential of AI for good.

“Of course we’ve heard a lot about artificial intelligence. I have recently done a piece of research, which found most people believe that it’s not here to kill us, it’s here to save us. I’m hoping that’s going to be the reality at the end of this year, and beyond. I’m hoping that we’re able to use the capabilities of generative AI and other AI tools to really make the world a safer place. That’s what I’m hoping for. And hoping to see that we are able to use AI with responsibility and accountability, not abuse and misuse it.”

Jennifer Kady, Vice President of Security SalesIBM Security

Profile photo of Jennifer Kady

Most excited by: Security by design and building more trust in security. 

“Security is intertwined in everything that we’re doing. Or at least it should be. As much as machine learning and AI has been driven into all of our software programmers, everything should be considered secure by design. That’s how we’re developing our software as we’re going forward. The acquisitions that you’re seeing, are all based on a secure by design structure, and it’s also based on rendering clarity and trust as to how and why our data is being used, so that you can make better decisions. I think that’s important for us as not only users but human beings. Security is not going be going away by any means. Being able to leverage and use it better within our development cycles, I think is going to be what catapults us over the next 10 years. Especially as we go into Quantum.”

Abhishek Agrawal, Co-Founder & CEO, Material Security

Profile photo of Abhishek Agrawal

Most excited by: Consolidation and cybersecurity platforms.  

The macro environment over the last couple of years has forced a lot of scrutiny on cyber spend. I actually think that’s a good thing for the industry. I think the move away from pure-play, best-of-breed, point solutions, to more of a platform, motivated by the need to consolidate, is a good thing for the industry. I’m saying this as an email security vendor that does one thing today, but we are becoming more of a broader service. Part of the reason we want to do that is because we think if you can do a bunch of different use cases, each of them get better.  It’s a cycle, and I’m sure it’ll bounce the other way in another decade. But I was talking to someone [at RSAC] yesterday, a big financial services company with over 120 tools. It’s absurd. The idea of trying to bring that down is a good thing.”

Tim Choi, VP of Product, Proofpoint  

Profile photo of Tim Choi

Most Excited By: Using AI to reduce CISO burnout.

Whenever there is a technology breakthrough, there is a step-function that opens up opportunities.  I think there’s a step function around machine learning, large language models, that gives security professionals and practitioners opportunities to be more efficient and effective in their work. With more threat actors, more threats, there’s more work to do, more things to process, more challenges. Burnout is a fundamental concern that we as an industry need to be concerned about.  Help with automation, with streamlining, recommendations that can help with automation, that’s very important to take advantage of.  The funny thing is, if you asked a threat actor, they’d probably say the same thing! On the defender side, I think, to make sure that our people in the industry are protected, leveraging these technologies and tools, is exciting.”

Nayeem Islam, Vice President of Cloud Security, Qualys

Profile photo of Nayeem Islam

Most excited about: Solving fundamental challenges with AI. 

“I’ve spent my whole career in AI. it’s a little frightening, weird, that it’s now all people are ever talking about. I remember when I was first part of the chess program at IBM that beat Garry Kasparov. And then there was a lull, and no I cant go anywhere without people talking about generative AI. I do think we’re at the beginning of a pretty big shift, but I think people are missing the ultimate goal of where we are going to go. What it portends for the future is tremendous in my view. There will be so much automation that will come out of this. Take the security talent shortage. We’ll finally be able to take a crack at that. And really change the way people do their jobs.”

Ely Kahn, VP, Product Management, Cloud, SentinelOne

Profile photo of Ely Kahn

Most Excited By: Automated remediation in application security using AI tools.

“The thing that excites me most is the move towards automated remediation. Even outside of what SentinelOne is doing, there are a number of startups that we’re tracking using AI to bring automated remediation to other areas. A great example of this is more from the application security space, which is often times the root cause of the threats that we have to go in, detect and fix up. The more that we can bring security ‘left’, and fix code, insecure code, as it’s being developed, the less attack surface there is, and the ultimately the less threats that we’re going to have to face downstream. So things in the shift left bucket, using AI to help developers develop code more securely is something that that I’m super excited about. It’s going to make security better across the entire stack.”

Patrick Coughlin, SVP Global Technical Sales, Splunk

Profile photo of Patrick Coughlin

Most Excited By: More openness and less barriers in cybersecurity.

“I think the long-term promise of AI, is it will bring down the barrier of entry. We can start to bring in more people that don’t have to come from technical or have spent years working for the government trying to bring down bad guys. Just like other departments in the organization, you can bring in a diversity of thought and background into the Security Operations Center, into the security operation. That does pretty cool things for the security operation. In some ways it’s scary, because we’ve prided ourselves for years in being the high priests of complexity in the enterprise. We go to the board and say, “I’ve spent years working insecurity, you couldn’t possibly understand the threats, give me my budget!” But I think the future we’re seeing is the CISOs still playing that game are struggling, and the ones that are winning are far more open.”

Jason Keenaghan, Director of Product Management, IAM, Thales Identity

Most excited by: Increased importance on IAM in the organization.

Profile photo of Jason Keenaghan

“Identity and access management is going up the hierarchy inside of organizations in terms of importance, and focus. In different organizations, IAM fits into different places. In some cases, it’s more IT, in some places it’s more security. There’s a business aspect as well. It’s a business enabler. So, there’s no natural home sometimes. In some places the IAM leader is maybe even becoming a parallel spot to the CISO. But there’s still a major skill shortage in that space. A lot of times IAM can be scary to a lot of people because we always drop into acronyms and there’s so much technology to understand. And we have to be security focused, IT focused and business focused, at the same time. Having that skill set can be difficult to find. We’re trying to help build up knowledge in the space too.”

Sam Curry, Global CISO In Residence, Zscaler

Profile photo of Sam Curry

Most excited about: Genuine improvements in security resilience.

Nothing about the show is exciting to me. What is interesting to me is that we finally start to get better at things. I want to see us get better at the craft of security, and resilience. And we still aren’t doing it. The techniques exist. There’re ways to do this. But as an industry, we sit around wringing our hands and say, “Oh, look how bad the bad guys are! Oh look, phishing is up!” Which it is. But when people don’t really do zero trust, when it can be done. When they aren’t taking and using the techniques that are actually now well-known and established, it’s not interesting. Being too honest!”

About Expert Insights

Expert Insights is a B2B research and review platform for IT solutions and services. We help over one million IT managers, CISOs, small business owners, and other professionals discover the best IT and cybersecurity solutions.