Once again, the cybersecurity community made its collective annual trip to the RSA Conference in San Francisco, CA from May 6-9. Met with much anticipation, exhibitors excitedly displayed the latest and greatest innovations since the industry last gathered in April 2023.

With more than 40,000 attendees and 600 exhibitors, it can be difficult for even seasoned marketers and analysts to cut through all the hype. But with decades of experience and a deep passion for the show, Merritt Group’s Security Practice immersed itself in the event to understand the trends that matter most.

Here are the three main takeaways cybersecurity marketers need to know as they head into the second half of the year.

Artificial intelligence is continuing its reign

History repeats itself, and AI hype dominated the event just as it did in 2023. As marketers, our job is to understand which AI-related conversations are meaningful and educational, and which are simply adding noise or latching to the buzzword of the day.

Speakers from major market players drove conversations around all of the facets and nuances of AI in today’s digital world—from the capabilities of AI in empowering security professionals, to the focus of securing AI in the context of an innovative threat landscape, and more. While there are nearly endless AI-related discussions to be had, we heard one common theme throughout the show. For all of AI’s buzz and popularity, it is not yet viewed as the one-stop solution. Instead, it is a tool that can augment existing cybersecurity practices when used properly.

Generally, the security industry acknowledges that just as much as defenders are using AI for good, it is also being employed by threat actors to launch attacks in entirely new ways. AI is raising the stakes across the board—even the FBI issued a warning about the magnitude and ease of which attacks can be carried out by using AI.

At Merritt Group, one of the many reasons why we are passionate about security is because we feel a responsibility to spread the word about such important issues. In the age of AI, it’s more important than ever to ensure the messages we’re developing and disseminating are accurate, insightful and deliver value. In other words, marketers play a direct role in the spread of information today, and we must do our part to combat the noise by educating the target audiences with the information they need most.

More federal guidance and strategy in the forecast

At the show, U.S. Secretary of State, Antony Blinken, unveiled a $3.5 trillion spending plan by the Biden Administration to ensure America remains competitive in the technological landscape. The plan is also geared toward collaboration across nations to create a standard set of rules and regulations for the safe and ethical use of emerging technologies.

Just a few days after the show, nearly 70 companies signed CISA’s “Secure by Design” Pledge, including Microsoft, SentinelOne, IBM, Amazon Web Services, and more, demonstrating their commitment to ensure security and track adversary breach attempts during the first-time setup of products.

As industry and government leaders work together to establish a united security front, marketers need to keep up with policy conversations, ask smart questions, and ensure messaging evolves appropriately with the changing tides of the federal landscape.

Increased cyberattack longevity and impact

Inside the Moscone Center, attendees pored over the cyberespionage group, Volt Typhoon. Its ability to evolve and attack U.S. critical infrastructure systems was a reality check for defenders in state-sponsored threats and how severely they can disrupt government networks and devices. With the threat group initially surfacing in 2021, multiple CISA advisories being issued throughout 2023 and into 2024, and now this discussion warning of the future impact of Volt Typhoon, it is clear that these attacks are getting stealthier and more evasive.

Another significant topic of conversation was the February 2024 attack on Change Healthcare, which resulted in an estimated 33% of Americans having their sensitive health information leaked to the dark web. The attack has sparked conversation from government officials, such as Deputy National Security Advisor, Anne Neuberger, who advocates for healthcare organizations to revisit their security and data protection strategies in order to mitigate risks and minimize impacts of incidents.

This means that the role of the marketer will no longer stop at breach notification and evaluation of impact. Greater transparency of processes to resolve persistent cybersecurity incidents will be needed to ensure trust in the organization and repair reputational damages.

We can certainly expect more discussion surrounding these topics as we wrap up the first half of 2024 and head into H2. However, these three trends were only a part of the overall conversation that took place at RSA.

It is always a great opportunity to learn from the best and brightest in the cybersecurity industry about where the industry is and where it is going for the rest of 2024 and beyond. Our team looks forward to closely monitoring these trends over the next couple of months ahead of Black Hat, while continuing to gather unique perspectives from our clients.

Next stop for Merritt Group: Gartner Security and Risk Management Summit! If you want to learn more about the convergence of cybersecurity and media and how we can help your brand make an impact in your market, we would love to connect with you at the conference. Otherwise, check out our security practice group and public relations services.