RSA Conference 2023: AI and Threats Remain in the Spotlight

As RSA Conference (RSAC) 2023 in San Francisco, themed “Stronger Together,” progressed through the week, several key topics emerged as cybersecurity trends in breakout sessions and vendor demos.

AI gains ground

Artificial intelligence (AI) was a popular reference in the breakout sessions; discussions included how attackers are using ChatGPT to write and adapt phishing emails. Although the terms of use for ChatGPT prohibit this, there were demonstrations of how to bypass its guardrails by getting the AI to adopt an alter ego called DAN (Do Anything Now) that broke free of its limitations, as has been covered in the media.

Even more dangerous, as other presenters noted, is using ChatGPT for high-volume spear phishing: researching each target and writing personalized phishing emails. There were also demos of how ChatGPT could be used to search for and/or combine malicious code, or even write malicious code from scratch.

Ontinue is leveraging ChatGPT to enable and augment the capabilities of the Cyber Defenders in our SOC — not just for identifying attacks or attackers. Our team provided a live demonstration of this at our presentation at the Microsoft stage.

3CX supply chain compromise remains in the spotlight

The 3CX compromise continues to be one of the key cyber events in 2023. During RSAC sessions, it was clear that in the coming weeks and months, many more companies will realize they’ve been impacted by this compromise.

As a double supply chain compromise, in which 3CX itself was compromised through its software supply chain, it speaks to the risk of supply chain compromise, especially when threat actors can “chain” them together as they did in the case of 3CX.

Ontinue’s Threat Intelligence team has been actively monitoring 3CX from the get-go and we’ve been proactively taking measures and notifying customers whenever relevant.

Initial infection vector trends

Not surprisingly, threat actors continue to evolve their tactics, and leading IR firms are noting that exploits have ranked as the top initial source of infection over the past few years.

The rate of common vulnerabilities and exposures (CVE) disclosures is rising quickly and it’s proving difficult for organizations to keep up. Currently, we face a rate of ~500 new vulnerabilities per week. At the pace it’s increasing, that’s expected to escalate to 1,200 new vulnerabilities per week by 2025.

Ontinue’s perspective is this: given the anticipated acceleration of this trend, organizations simply can’t take an exhaustive approach to vulnerability mitigation. Instead, prioritization and focus are — and will continue to be — the keys to effective mitigation.

Unveiling a new MXDR paradigm

RSAC also served as the backdrop for countless meetings with Ontinue customers and channel partners, as well as Microsoft executives, with whom we collaborated on networking events and demos conducted at the Ontinue booth and meeting suite.

Ontinue’s Chief Product Officer Tom Corn and Chief Innovation Officer Drew Perry presented on the Microsoft stage, highlighting the need for faster threat detection and response, proactive threat prevention, and reducing overhead and tool complexity.

In their presentation, “The New MXDR Paradigm: Nonstop SecOps through Real-time Collaboration and AI-Driven Automation,” Tom told attendees that in a world of nonstop threats, nonstop growth and nonstop change, our legacy approaches are holding us back. Traditional ticketing systems, manual incident investigation and response, myriad tools each with their own portal, and siloed responsibilities and communication all lead to nonstop firefighting, frustration and stress.

But together with Microsoft, Ontinue has introduced the concept of “Nonstop SecOps,” a new paradigm for managed extended detection and response (MXDR). Nonstop SecOps is characterized by its focus on operationalizing security through real-time collaboration and AI-driven automation, while using the Microsoft products you already own.

Drew demonstrated Ontinue ION, which provides real-time collaboration and access to critical information through dashboards embedded directly in Microsoft Teams. This avoids introducing yet another portal and allows organizations to use their existing tools. The presentation also covered how Ontinue uses AI to enhance automation and accelerate incident detection, investigation and resolution, and showed how ION’s SecOps Cost Optimization capabilities help organizations manage ongoing data costs.

And if you missed the discussion on cost optimization or the demo of Ontinue ION, you can still Request a Demo.

Ontinue Wins Microsoft Security Services Innovator and InfoSec Awards

As a testament to the Ontinue ION approach to MXDR, we were the proud recipients of the Security Services Innovator award at the Microsoft Security Excellence Awards at the start of RSA.

“Winning a Microsoft Security Excellence Award for the second consecutive year is a tremendous honor. Receiving the ‘Security Services Innovator’ award is a particularly special distinction given Microsoft’s almost five decades of experience pioneering industry-disrupting innovations,” said Geoff Haydon, CEO of Ontinue, in the announcement for this award.

The fact that the Microsoft Security Excellence awards are voted on by our MISA member peers in the industry, as well as Microsoft stakeholders, gives this award even greater significance.

Ontinue was also pleased to have won two awards in the coveted 2023 Global InfoSec Awards program, with CEO Geoff Haydon winning the ‘Top Chief Executive Officer’ category and the Ontinue ION managed extended detection and response (MXDR) service winning the ‘Publisher’s Choice Managed MDR Service Provider’ category.

This is the second year in a row we’ve taken home the MDR trophy in the Global InfoSec Awards, following our 2022 victory (back when our MDR division still used the Open Systems brand name).

When is it right to build or buy a SOC?

Given the volume of information that needs to be protected, the shift to hybrid cloud, and the talent shortage, creating a modern SOC is a challenge for many midsize companies.

During RSA Conference 2023, Ontinue CEO Geoff Haydon sat down with Information Security Media Group and discussed the barriers that prevent organizations from establishing a modern SOC, considerations for improving security operations, and how Ontinue ION responds to customers’ needs with a solution that addresses their challenges.

Watch the video below or read the article: SOC: Build vs. Buy – When Is It Right?

See ION for Yourself: Request a Demo

Ontinue is also pioneering the use of generative AI and automation to detect and respond to threats faster than ever before. If you’d like to learn what Ontinue ION can do for your organization, I’d encourage you to request a demo today.

Article By

Vijay Viswanathan
Product Marketing Manager

Vijay Viswanathan brings over a decade of experience in the technology sector in Europe and the Americas, in organizations ranging from early-stage start-ups to multinational corporations. Vijay has a master’s degree in Computer Science from the Swiss Federal Institute of Technology in Lausanne and a bachelor’s degree in Computer Science from Clark University.