Unpacking RSA 2025: A Conference-Event Review
This week, I attended the 2025 RSA Conference at the Moscone Center in San Francisco, where five major themes emerged: cybersec startups, artificial intelligence (AI), identity security, automation and especially interesting was the emergence of industrial and critical infrastructure security (“ICIS”).
AI Agents Take Center Stage
At RSA 2025, "agentic AI" dominated conversations and exhibitions. While agent technology is emerging across all technological domains, these autonomous cybersecurity systems mark a significant leap in efficiency—capable of performing complex security operations with minimal human oversight, all within defined governance frameworks.
Industry leaders demonstrated how these autonomous agents can transform security operations centers by:
Providing continuous 24/7 threat monitoring and response
Addressing the persistent cybersecurity talent shortage
Freeing human analysts to focus on strategic threats and complex scenarios
Despite enthusiasm, discussions acknowledged important concerns about accountability, decision-making transparency, and potential unintended consequences of autonomous security systems.
Big Tech's AI Pivot Reshapes Investment Landscape
In conversations with business development executives from leading OEMs, I discovered how AI has fundamentally altered corporate priorities:
AI now dominates internal product development roadmaps
External investments and acquisition strategies heavily favor AI technologies
This intense focus has effectively "drowned out" other cybersecurity business development activities
Additionally, these companies are increasingly prioritizing internal development over acquisitions. This shift stems from disappointing integration results from acquisitions made in the past two to five years, which executives admitted were often driven by FOMO. The difficulties in successfully integrating teams—particularly go-to-market functions—and technologies have created a noticeable hesitation around non-AI acquisitions, especially those related to agent technologies.
Identity Security Innovations
The conference showcased significant advancements in identity protection, including:
Passwordless authentication solutions
Mobile passkeys implementation strategies
Phishing-resistant authentication methods
AI-driven identity governance aligned with the updated NIST Cybersecurity Framework
AI's Expanding Security Footprint
Beyond product demonstrations, the conference explored AI's broader implications for cybersecurity through sessions focused on:
Advanced threat detection capabilities
Proactive vulnerability management
Ethical considerations for AI deployment in security contexts
The dual-use nature of AI technologies that can both strengthen defenses and be weaponized by adversaries
Emerging Innovation Spotlight
The RSAC Startup Launch Pad highlighted promising companies tackling pressing security challenges:
Culminate: Advanced cloud security solutions. It was also the overall winner. (Announcement here)
Knostic: Novel AI-driven threat detection approaches
Tamnoon: Innovative security automation platforms
These emerging companies garnered significant attention for their fresh approaches to persistent cybersecurity problems.
Industrial and Critical Infrastructure Security
Industrial cybersecurity, especially for operational technology (OT) and critical infrastructure, has moved into the mainstream. The RSA conference emphasized the need for proactive, collaborative approaches to protect energy, manufacturing, and transportation sectors, with AI and machine learning driving advances in threat detection and response.
Conclusion
As RSA 2025 concludes, the convergence of agentic AI, advanced identity solutions, and thoughtful automation clearly establishes the foundation for the next decade of technological advancement. These technologies represent the building blocks of a future where security becomes both more powerful and more invisible, enabling unprecedented protection while creating new opportunities for innovation and strategic partnerships. The lessons from previous integration challenges are informing a more measured approach to technology development, positioning forward-thinking organizations to create security ecosystems greater than the sum of their parts—promising convenience without compromise, automation that amplifies human potential, and business combinations driven by strategic value rather than market hype.