"Community. It’s what makes us strong in cybersecurity." These were the emphatic words of Hugh Thompson, executive chairman of RSAC, as he opened the RSAC Conference 2025. His address, setting the tone for the week, repeatedly underscored that in an era of escalating digital complexity and sophisticated harmful actors, the collective strength of the cybersecurity community – a direct manifestation of collaboration in cybersecurity – is not just beneficial but essential.
In a blog post from the conference, the consensus among the security community and industry leaders was that facing sophisticated, often globally coordinated digital sources of disruption requires a united front. As reported by ITPro, collaboration can be as simple as pairing cybersecurity employees with data scientists, so they can compare notes. The era of siloed defense is rapidly giving way to an understanding that shared knowledge and coordinated action are paramount for collective resilience.
Strengthening public-private partnerships
The call for community resonates strongly with the ongoing efforts to bolster public-private partnerships (PPPs). At RSAC Conference 2025, the dialogue around PPPs stressed the vital link between government agencies tasked with national cyber defense and the private sector entities that manage critical infrastructure and vast data repositories.
These partnerships aim to facilitate a bidirectional flow of information: government agencies can provide declassified intelligence on emerging digital challenges and harmful actor tactics, while private enterprises can share real-time observations of harmful activities encountered on their networks. The goal is to create a more comprehensive understanding of the environment of digital challenges, enabling faster, more coordinated responses to protect critical services and the broader digital ecosystem. Emphasis was placed on overcoming traditional barriers such as speed, trust, and actionable intelligence delivery within these frameworks.
Advancing intelligence sharing ecosystems
Security intelligence sharing is fundamental to collaborative defense, and RSAC Conference 2025 highlighted advancements in enhancing these ecosystems' effectiveness. Moving beyond the simple exchange of indicators of compromise (IoCs), there is an increasing emphasis on sharing richer, contextual intelligence, including comprehensive tactics, techniques, and procedures (TTPs), often aligned with standardized frameworks like MITRE ATT&CK. This approach enables organizations to transition from reactive blocking to more proactive defense strategies informed by harmful actor behavior insights.
Information sharing and analysis centers (ISACs) and information sharing and analysis organizations (ISAOs), tailored to industries such as finance, healthcare, and energy, continue to evolve, offering valuable sector-specific intelligence. Moreover, the automation of intelligence sharing through standardized protocols like STIX/TAXII is essential for disseminating critical information at machine speed, a necessity in countering fast-moving digital disturbances.
Thompson's guidance on learning from everybody encompasses both internal and cross-sector collaboration. Within organizations, it’s imperative to foster a security-aware culture where IT, security, development, and business units collaborate effectively. Externally, exchanging best practices across industries strengthens defenses against common digital issues, thereby enhancing overall resilience, as Thompson recommended.
Fostering internal and cross-sector cooperation
Collaboration isn't solely an external endeavor; it’s equally vital within organizations. RSAC Conference 2025 sessions underscored the need to break down internal silos, fostering closer cooperation between cybersecurity teams, IT operations, legal departments, and business units. Cultivating a culture where cybersecurity is viewed as a shared responsibility, rather than the sole domain of the security team, is essential. This includes integrating security considerations into the entire lifecycle of products and services, often referred to as DevSecOps.
Beyond individual organizations, cross-sector collaboration is also gaining traction. Harmful actors frequently reuse tools and techniques across different industries. By sharing experiences, best practices, and lessons learned, organizations in one sector can better prepare for challenges that have already impacted others. This broader learning loop enhances the defensive posture of the entire business community.
The overarching message from RSAC Conference 2025 regarding collaboration in cybersecurity was one of urgent necessity and practical application. While challenges related to trust, data sensitivity, and operationalizing shared intelligence persist, the fundamental understanding is the benefits of working together far outweigh the difficulties. Building these collaborative bridges is no longer a strategic option but a foundational requirement for navigating the modern cybersecurity landscape.
-
Ugreen NASync DXP4800 Pro reviewReviews A great value 4-bay NAS with a top hardware spec and good 10GbE performance but Ugreen's software is playing catch-up with the competition
-
Hardware volatility continues to squeeze channel marginsMemory pricing, in particular, is causing tension and forcing the channel ecosystem to quickly adapt to fast-changing market dynamics
-
The key risks security teams face in 2026From AI-related flaws to supply chain risks, cyber professionals now contend with overlapping challenges
-
Observability will be key to agentic AI safety, says Microsoft Security execNews Agentic AI adoption will require a re-evaluation of enterprise risk management, according to Microsoft corporate VP
-
Enterprises need to think of agents as ‘digital co-workers’ – and that means implementing the same security safeguardsNews Practices such as zero trust and least privilege will be needed as agents gain access to sensitive enterprise data
-
Safe AI adoption rests on cybersecurity professionals, says RSAC chairmanNews With AI security a key talking point at RSAC 2026, executive chairman Hugh Thompson believes the industry can lead by example
-
RSAC in focus: Key takeaways for CISOsThe RSAC Conference 2025 spotlighted pivotal advancements in agentic AI, identity security, and collaborative defense strategies, shaping the evolving mandate for CISOs.
-
RSAC in focus: Quantum computing and securityExperts at RSAC 2025 emphasize the need for urgent action to secure data against future cryptographic risks posed by quantum computing
-
RSAC in focus: How AI is improving cybersecurityAI is revolutionizing cybersecurity by enhancing threat detection, automating defenses, and letting IT professionals tackle evolving digital challenges.
-
RSAC in focus: Considerations and possibilities for the remainder of 2025As 2025 unfolds, RSAC explores the pivotal considerations and emerging possibilities shaping the cybersecurity landscape
