RSA CONFERENCE — Artificial intelligence (AI) and cybersecurity took center stage on day one of RSAC 2023. The message: We need good AI to fight cybercriminals who use bad AI.

The theme of RSAC 2023 is stronger together. The massive conference in San Francisco is back up to pre-pandemic attendance levels.

Rohit Ghai, RSA’s CEO, discussed new challenges that AI puts on th cybersecurity community.

“AI will challenge our identity, our role in this world,” he said. “Bad AI will take us for a ride and identity is a sitting duck.”

The first technology wave was the internet and the second wave was mobile cloud, Ghai said. AI is the third wave, and it’s so loud “we can all hear the waves crashing.” AI can pass the bar exam, and create polymorphic malware.

RSAC 2023: AI Foundational in Cybersecurity, Identity Strategy

There are three reasons why AI is foundational in cybersecurity and identity strategy, Ghai said. Cybersecurity and identity strategy can’t be accomplished without it. Cybercriminals will use it to compromise identity and “we need AI to fight this.”

We’ll need AI to weed out false-positives and reduce security alert fatigue, he said.

“Threat actors have been using automation for launching attacks,” Ghai said. “Now they’re using AI for phishing attacks. We need AI on our side to stop attacks from bad AI. Identity is the most attacked part of their attack surface.”

AI can manage millions of identity privilege changes in minutes instead of hundreds in days in traditional cybersecurity, he said.

Multifactor authentication (MFA) isn’t doing enough to protect identity, Ghai said.

“We need solutions that ensure identity throughout its entire life cycle,” he said. “This is a super human problem and we need AI to pull this off.”

Next-Generation Identity Platform Powered by AI

The next-generation tech platform for identity will be open and integrated at the data layer, Ghai said. It needs a security-first approach and will be powered by AI.

AI in security doesn’t mean a replacement for people, he said. Most of the AI solutions companies are rolling out are “co-pilot” solutions. Many jobs will disappear because of AI, but in cybersecurity “we don’t have enough people as is.”

AI will make decisions easier and automate most identity workflows, Ghai said. Humans will supervise, and even if they exit their roles, they’ll still need to educate, supervise and regulate.

“We will make make sure good AI remains good,” he said. “We need to reimagine our role and our place in identity.”

See our slideshow above for more from day one of RSAC 2023.