RSA Roundup 2024: Druva's Top Takeaways from the World’s Foremost Cybersecurity Conference

Justin Augat, VP, Product Marketing & Communications and Mike Taylor, Content Marketing Manager

If you are in the cybersecurity industry, the RSA conference needs no introduction. 2024 was Druva’s first year attending this landmark conference, and we were proud to be a part of an event that brings the cybersecurity industry together and empowers the collective "we" to stand against cyberthreats. The event took place from May 6th to 9th, in San Francisco and attracted over 41,000 attendees, 650 speakers, 600 exhibitors, and 400 members of the media. In case you missed RSA, this blog will summarize the major themes from this year’s conference to help you understand what the cybersecurity industry is collectively thinking.

Tackling GenAI

Unsurprisingly, GenAI was one of the most talked about topics in the conference. In a poll, 81% of C-level executives said that they wanted to do something with GenAI, but only 24% of them had some sort of security applied to it. Security teams are still looking for mechanisms where the IP and other forms of data of the organization are protected without limiting the possibilities of what we can achieve using AI.    

Cybersecurity leaders are also worried about threats using GenAI. Bad actors are continuously looking for ways to weaponize AI. Security experts are still trying to understand how an attacker will use GenAI and how organizations can use AI to thwart these attacks. Everyone is still figuring out the usage and implications of GenAI knowing that this is just the beginning.

Druva is also expanding our horizons via GenAI and has unveiled a groundbreaking innovation that redefines how customers manage and interact with their data protection platform. First announced in October, Dru is the market’s first fully integrated AI copilot for all things backup, security, and more. Dru lives within the Druva platform and empowers customers with intuitive, adaptive assistance — via the chatbot, users simply ask in plain English and Dru responds.

What Can Dru Do for You?

  • Instant Answers: Provides immediate solutions to product and service inquiries. Ex. “How would I create a new backup policy?”

  • Guided Troubleshooting: Resolves issues seamlessly with guided conversations. Ex. “How do I fix a ‘no storage’ error?”

  • Personalized Insights: Delivers tailored recommendations to maximize customer experience. Ex. “Show me all backup failures from the last 24 hours.”

  • Seamless Support: Navigates the Druva console effortlessly to get tasks done smarter and faster — Users connect directly with our incredible Support team if needed. Ex. “Connect me to a Druva support rep.”

Doing More with Data

Data was a big focus area. Organizations were interested in getting to understand their data better. Questions such as what is generating data, where is that data stored, how is the data classified and tagged, and how to protect this data were hot-button issues in several discussions. Gaining visibility continues to be a challenge for cybersecurity teams seeking to protect data and workloads. 

Druva's approach to incident response and recovery (IRR) is designed to offer comprehensive and robust protection through various advanced features. Via our 100% SaaS platform, we monitor the security of your backups, and these capabilities integrate seamlessly into security information and event management (SIEM) tools. Security teams get full access to monitor their backup environments continuously, and Druva’s dedicated security telemetry operates 24/7 to detect anomalous behaviors.

A key feature of Druva's solution is the visibility and access it offers to data changes, along with a detailed history of changes and audit logs. This transparency is crucial for effective monitoring and quick identification of suspicious activities. Druva enhances its cyber response and recovery capabilities through automation and orchestration, and further bolsters your defenses with features like threat hunting to locate, quarantine, and delete threats. Finally, Druva's unique Curated Recovery feature automates the process of recovering only clean data. Users have the option to recover to a sandbox environment to further ensure there’s no possibility of reinfection post-recovery. To support post-incident activities, Druva provides contextual and historical data that is invaluable for forensics, root cause analysis (RCA), and understanding the impact on data. This comprehensive approach ensures that organizations can not only respond to incidents swiftly but also recover with minimal impact, maintaining data integrity and security throughout the process.

Rapid Response to Breaches

Dealing with ransomware and other forms of cyber attacks continues to be one of the top priorities. In this year’s conference, experts emphasized shifting our focus from prevention and direct it toward detection and response. Several attacks continue to target older vulnerabilities where there are known patches. A good example is log4j from 2 years ago. 

Bad actors have become much smarter and seem to have new ways of finding victims. Now, there is a much wider variety of threats. 

  • Spray and pray types of attacks target older vulnerabilities because the effort involved is minimal but the reward can be big.

  • Quick attacks are another kind where the objective is to infiltrate a single compromised account so that hackers can steal or encrypt enough sensitive data to extort a ransom. 

  • Attackers are looking to modify their techniques and tactics to fine-tune smaller-scale attacks. 

  • There has been a rise in much more sophisticated targeted cyber attacks. 

Druva's commitment to rapid response is exemplified through its 24/7 continuous monitoring of the backup environment, coupled with proactive notifications for potential issues. Anomalies are swiftly identified, and granular data logs enhance incident response capabilities. Druva offers built-in zero-trust security and collaborates seamlessly with EDR tools, issuing alerts for data deletions, encryptions, and access activity. This proactive approach empowers your team to assess and minimize an incident's impact, all without disrupting production. 

A big advantage is that all the infrastructure needed for this analysis is hosted and managed by Druva, so you don’t have to juggle between using your backup infrastructure for incident response vs. backup operations.

Put Your Data Security on Autopilot with Druva

Identify threats, speed up your IR workflow, and recover fully with Druva — want to learn more? Read the white paper to get three steps to boost your data security posture, and discover how Druva supports you every step of the way.

Ready to put your data security on autopilot, responding to and recovering from cyber incidents faster than ever before? Schedule a meeting with us now.

See you in San Francisco for RSA 2025!