RSAC 2024: "The Art of Possible" (and the Era of Peak AI Hype)

Just landed back home and finally decompressed after a massive week at Moscone for RSAC 2024. If there was one inescapable reality on the expo floor this year, it’s that we are living in the era of the Generative AI arms race. The official theme was "The Art of Possible," but it honestly felt more like "The Art of Figuring Out What AI is Actually Doing to Our Networks."

Between the endless swag and the sea of vendor pitches, here are my top three takeaways for the year ahead:

1. The GenAI Double-Edged Sword

You couldn’t walk ten feet without seeing "AI-powered" or "Copilot" plastered on a booth. But the conversation is maturing. We are officially moving past the honeymoon phase of ChatGPT and realizing that adversaries are weaponizing AI just as fast as we are.

• The biggest technical focus? Securing the AI itself. Protecting LLMs against prompt injections, data poisoning, and sensitive data leakage is going to consume a massive chunk of our cybersecurity budgets moving forward.

  
  

2. "Secure by Design" Moves from Buzzword to Mandate

With the spotlight glaring on the software supply chain (and increasing pressure from government frameworks), the days of "bolting on" security right before deployment are over.

• We heard constant chatter about the critical need for SBOMs (Software Bill of Materials) and taking a radical Secure by Design approach. If security isn't baked into the absolute foundation of your architecture—especially when deploying AI models—you're already playing a losing game.

  
  

3. The Evolution to Human Risk Management (HRM)

We all know the staggering stat: the vast majority of breaches still involve a human element. But what I loved seeing this year was the shift away from boring, generic "compliance training" videos. The industry is pivoting to Human Risk Management (HRM). It’s about understanding user psychology, using behavioral data to intervene in real-time, and giving employees the context they need to make safe decisions without slowing them down.

The Bottom Line

RSAC 2024 proved that while the technology is changing at breakneck speed, the foundational mission remains exactly the same. The organizations that win won't be the ones that buy every single AI tool on the market—they’ll be the ones that consolidate their platforms, simplify their architecture, and focus relentlessly on resilience.