At RSA Conference 2023, tales of real-world cyberattacks and warnings of fearsome new threats

The challenges of securing organizations haven’t changed much in the past year, and that means there’s still a lot more that needs to be done — especially as generative artificial intelligence and chatbots will require new tactics to fight attackers.

That’s according to two panels that presented at last week’s RSA Conference in San Francisco. Among their other findings: Responding to incidents still could be better with more threat sharing and better public/private partnerships, analysts still have some tough sledding ahead as these new attacks appear almost like clockwork, and there’s still a burning need for more training of new professionals in the field.

There are some bright spots, such as the way analysts quickly figured out the 3CX supply chain attack and shared its particulars. But ransomware and data extortion are still popular attack methods, and the bad guys are getting better at finding and fooling their target victims.

The first panel was a perennial favorite at the conference, organized by the SANS Institute, a leading security training and education nonprofit. Moderated by Ed Skoudis, who is president of the SANS College, it featured SANS’ top cybersecurity instructors with many decades of collective cybersecurity experience: Heather Mahalik, a senior director at Cellebrite DI Ltd.; Katie Nickels, director of threat intelligence for Red Canary and one of the contributors to the Mitre ATT&CK framework; and Stephen Sims and Johannes Ullrich, both of SANS.