May 15, 2024
Cyber Risk

RSAC 2024 Recap: Safe Security's Big Week in San Francisco

A Game-Changing Approach to TPRM, Exclusive Events, and more

By Sachin Jha

As we look back on an eventful week at the RSA Conference (RSAC) 2024 in San Francisco, it's clear that the cybersecurity landscape and the solutions needed to protect enterprises from growing threats are rapidly evolving. It was a whirlwind of innovation, collaboration, and networking.

Safe Recognized as a Top Cybersecurity Innovator

The inclusion of Safe Security in CRN's "20 Coolest Cybersecurity Products at RSAC 2024" list highlights our leadership in delivering innovative cybersecurity solutions. Our newly launched Third-Party Risk Management (TPRM) module has quickly captured the industry's attention. What sets Safe apart is our approach to TPRM is not only about managing risks but also about transforming them into strategic opportunities for resilience and compliance. This recognition is a testament to our commitment to innovation and excellence in cybersecurity. We continue to push the boundaries of what's possible, ensuring that businesses have the tools they need to navigate the complexities of modern cyber environments effectively.

This year, Safe Security significantly advanced the conversation around Third-Party Risk Management (TPRM), a topic that is increasingly vital in our interconnected digital world. From unveiling our new third-party solution to exclusive events that generated fantastic discussions, here's a recap of our exciting activities and some key insights that will shape the future of cybersecurity:

  1. CISOs Demand a TPRM Revolution
  2. In last year's RSAC Executive Security Action Forum (ESAF) report, CISOs expressed that the old ways of managing third-party risks aren't working. This year, as attackers target weaker vendors to breach larger companies, we witnessed similar sentiments being echoed.

    “87% of Fortune 1000 companies faced major cyber incidents from third parties...”

    This shows the need for stronger, more effective risk management strategies. Traditional methods like self-assessment questionnaires and cybersecurity ratings fail to accurately measure or reduce risk. John Scimone from Dell Technologies critically notes, “We have to challenge ourselves to stop wasting money, stop wasting time, stop pretending, and ask, 'Where could we make investments that could actually meaningfully buy down risk?’”. Innovative approaches to TPRM are essential.

  3. SAFE's Expansion to Transform TPRM
  4. We kicked off the conference with a bang, unveiling our new third-party risk management solution - Safe TPRM: “Safe to replace SecurityScorecard and Bitsight with the industry's first risk-based third-party management platform that radically reduces cost and time.

    Designed to address the critical needs highlighted in recent discussions among top CISOs, our solution quantifies the financial impact of risks like ransomware on third-party vendors in dollars, making it actionable and understandable for businesses. As Saket Modi, our co-founder and CEO, emphasized, "We actually quantify the risk in a way the business can understand it."

    This aligns with the urgent call for more effective risk management strategies, as traditional methods just aren't cutting it anymore. The reception was overwhelmingly positive, affirming our direction towards making cybersecurity risk quantification straightforward and business-centric.

    Discover how SAFE TPRM can transform your approach. Schedule a Demo to speak with our experts!

  5. How SAFE TPRM Helps You Achieve “Cyber Risk Singularity”
  6. We brought the concept of “Cyber Risk Singularity” to the RSA Conference. "Singularity" typically represents a point where a measurable variable reaches an infinite value. In our context, it symbolizes a pivotal breakthrough in how cyber risk is perceived and managed. For a CISO or a CIO, the critical concern isn't just about where a risk originates—be it their own infrastructure, a third-party vendor, or a SaaS application. Our mission with Safe TPRM is bold yet straightforward: to enable every company in the world to achieve cyber risk singularity. This means providing a tool where the risk of data exfiltration, whether from an internal data center or a third-party service provider, is comprehensively visible and quantifiably managed from one place.

  7. Embracing Risk Quantification with FAIR Automation
  8. At RSAC 2024, Cyber Risk Quantification and Management was also a major focus, with discussions emphasizing the need to quantify cyber risks in financial terms. The conference attendees were keen to learn about how SAFE's CRQM approach of quantifying cybersecurity risks in dollars transforms decision-making processes within businesses.

    Our analysis of incidents, like the recent attack on UnitedHealth Group was the talk of the town and shows that traditional risk assessments can underestimate potential damages significantly. By offering a detailed and dollar-quantified view of potential threats, Safe Security enables companies to make more informed, strategic decisions about their cybersecurity investments and third-party interactions.

    Learn more about how SAFE quantifies cyber risk powered by FAIR-MAM: Explore the Safe Materiality Assessment Module

Quic Glance on Events

  1. Scaling and Automating FAIR: Happy Hour Success
  2. Our happy hour event, co-sponsored with IHG Hotels & Resorts and the FAIR team, was a highlight of the week. We delved into the latest advancements in automating quantitative risk management. The conversation was lively and insightful, with many attendees excited about how the SAFE One platform revolutionizes risk management by making it scalable and automated. The success stories shared by the CISO and VP, Security Governance, Risk & Compliance from IHG, showcased the real-world benefits of integrating quantitative approaches in their operations.

  3. Navigating CISO Personal Liability in 2024
  4. One of our exclusive sessions featured Nicole Perlroth, a renowned cybersecurity reporter. She tackled the pressing issue of CISO personal liability in the wake of data breaches. This invitation-only event provided valuable strategies for CISOs to protect themselves and navigate the complexities of accountability in today's cyber-threat landscape. The insights offered were practical and provided a deeper understanding of the evolving responsibilities and pressures security leaders face.

    Discover how CISOs can minimize personal liability and how not be singled out by the SEC and the Board with a defensible risk practice.

  5. Bubbles & Bytes: A Toast to Innovation
  6. Our "Bubbles & Bytes" reception, co-hosted with Mosaic Insurance and Howden Insurance Brokers, was an elegant affair that brought together industry experts from the insurance sector. This invitation-only gathering was the perfect backdrop for introducing SafeInside, the world's first "inside-out" cyber risk quantification and underwriting platform. The platform's innovative approach to integrating risk management directly into insurance practices resonated well with the attendees, setting the stage for transformative collaborations in cybersecurity insurance.

Leading the Way in TPRM Innovation

RSAC 2024 has been a pivotal moment for Safe Security. The enthusiastic reception to our Safe TPRM module and our broader risk management solutions reflects a market ready for change. As businesses continue to navigate the complexities of digital threats, Safe Security remains committed to leading the charge in transforming how companies assess, quantify, and mitigate third-party risks.