Day three of the RSA Conference at Moscone West in San Francisco brought together industry experts and thought leaders to discuss the latest trends and challenges in the cybersecurity landscape.

During this week’s event, industry analysts John Furrier (pictured, right) and Dave Vellante (left) shared insights and engaged in conversations with venture capitalists, chief information security officers and representatives from hot startups and established players. The key theme that emerged was the role of security as a platform and its intersection with cloud-native networking.

“The number one story, in my opinion, is the platformification of security, where security’s trying to be a platform, but I don’t think they know what a platform is,” Furrier said.

The analysts discussed this and more at the RSA Conference, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. (* Disclosure below.)

The platform ramification of security

One of the prevailing discussions revolved around the idea of security as a platform. Furrier expressed concerns about the current approach.

“The problem is you can’t please everybody. You’ve got to just build a platform with an objective — not trying to please … thousands of tools that are out there,” he said. “This market has to turn into an infrastructure platform and application stack fully baked with security. There’s going to be a lot of losers and some winners.”

There is a need for a security-first, artificial intelligence-enabled platform that serves as the foundation of a company’s architecture, though. And the significance of security in the context of cloud-native trends is critical, according to Vellante.

“Security is the platform that matters. It’s the new IT, because nothing runs without the network and security, period, being locked down and doing it in a way that enables developers to code fast,” Furrier said.

Cloud-native networking and secure architectures will transform the endpoint game and impact various security products, Vellante added.

While a platform is important, organizations shouldn’t confine security to a single department, Furrier pointed out. “The company’s platform has to be security-first, AI-enabled, period. That’s radical, structural, architectural thinking,” he said.

Security and network team collaboration

Furrier advocated for collaboration between security and network teams, asserting that a well-secured architecture could foster innovation without compromising operations, performance and scalability.

There is hesitancy surrounding the integration of generative AI in security. So, there is a need for cautious experimentation and improvement in this area, according to Vellante, who believes that the security industry needs to embrace cloud-scale automation and AI while addressing potential flaws and concerns.

“You’re going to see opportunity recognition from folks going, ‘OK, I’m going to start experimenting. I’m going to get into it.’ And then you’re going to see results and be like, ‘Let’s double down,’” Furrier said.

Vellante noted the disparity in the performance of security companies, with legacy players facing disruption while newer entrants experienced accelerated growth.

“There’s haves and have-nots in security,” he said. “You’ve got this big legacy installed base that’s ripe for disruption, that’s trying to hang on. Then you’ve got all these new companies hitting escape velocity, where CrowdStrike is on a path of $5 billion in ARR. Palo Alto Networks is doing very well. Fortinet is kicking ass.”

Furrier added that “it’s going to be interesting to see if the security guys can kind of come together with the network guys, who are the most powerful people in the enterprise, and say, ‘Let’s lock down an architecture that gives us the room to innovate without foreclosing any ops, performance and scale.’”

There is increasing vulnerability of critical infrastructure to cyberattacks. The analysts pointed to recent incidents, such as the SolarWinds hack and disruptions to meatpacking plants and oil pipelines, as clear indicators of the potential economic and societal impact. They also underscored the urgency for improved cybersecurity measures and government intervention to address these challenges effectively.

“There’s a real awakening to the societal impact of what cybersecurity is,” Furrier said.

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the RSA Conference:

(* Disclosure: This is an unsponsored editorial segment. However, theCUBE is a paid media partner for the RSA Conference. Sponsors of theCUBE’s event coverage do not have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE