RSA: Google Enhances its Enterprise SecOps Offerings With Gemini AI

The RSA Conference, held in San Francisco from May 6-9, brings together cybersecurity professionals from across the world. This year’s conference is buzzing with conversation about generative AI: how to use generative AI to protect against attacks and how to secure generative AI itself.

We’re rounding up the enterprise business tech news from RSA that is most relevant for IT and tech decision-makers. This article will be updated throughout RSA with more tech news highlights.

Google updates Google Security Operations and more with Gemini AI

Google is combining the security capabilities of information security company Mandiant and malware scanner VirusTotal with Gemini AI and Google’s own user and device footprint in a new offering called Google Threat Intelligence. Available May 6 wherever Google Cloud Security is distributed, Google Threat Intelligence uses Gemini AI to get a top-down look at security data, competing with Microsoft’s Copilot for Security.

In addition, Google announced:

• New curated detections for Google Security Operations that are designed to reduce manual processes and suggest outcomes relevant to the wider Google Cloud and updated to include recently-detected threats.
• AI consulting services from Mandiant, which can red team both an organization’s AI defenses and how an organization’s security could be compromised by AI.
• New services taking advantage of Gemini in Security.

IBM and AWS research: Generative AI’s unpredictable risks worry the C-suite

IBM and AWS published a report during RSA on how executives are thinking about securing generative AI. The report found that fewer than a quarter (24%) of respondents said they are including security as part of their generative AI projects — possibly a sign that hyperscalers have a niche to step into as the business of securing AI projects becomes more mainstream.

Most respondents were concerned about generative AI’s effect on security, with 51% saying they were worried about unpredictable risks and new security vulnerabilities arising, and 47% watching out for new attacks targeting AI. IBM pitched its Framework for Securing Generative AI, which was released in January 2024, as a solution.

Risk and governance frameworks will be key to help secure generative AI, IBM and AWS found in the report. In addition, IBM is extending its X-Force Red testing services to AI, including generative AI applications, MLSecOps pipelines and AI models.

SEE: It’s open season on Adobe’s Firefly and Content Credentials for select bug bounty hunters. (TechRepublic)

Proofpoint adds AI screening to email security products

At RSA, Proofpoint announced two novel email security services:

• Pre-delivery semantic analysis, the large language model-based detection of social engineering emails to stop email fraud or malicious links before they reach Microsoft 365 and Google Workplace inboxes.
• Adaptive Email Security, an Integrated Cloud Email Security solution with automatic quarantining and explanation of behavioral anomalies for high-value targets.

Both of these email security services are available May 6. Adaptive Email Security is available only on a rolling basis for select customers who already have standard email security packages and have identified high-risk employees.

Cisco and Splunk expand Cisco Hypershield

On May 6 at RSA, Cisco showed one of the first results of its March acquisition of Splunk. Cisco added two capabilities to its Cisco Hypershield data center and cloud security product, which can now:

• Detect and block attacks from unknown vulnerabilities within runtime workload environments.
• Isolate suspected workloads.

Cisco also announced that Cisco Identity Intelligence AI analytics are now available in the Cisco Duo security platform, adding specific tools to catch identity-based attacks.

Splunk announced on May 6 a new asset and risk intelligence solution called Asset and Risk Intelligence. Splunk Asset and Risk Intelligence is now in early access.

TechRepublic is covering RSA remotely.