RSAC in focus: Considerations and possibilities for the remainder of 2025

RSA Conference 2025 highlighted critical discussions and innovations shaping cybersecurity. With record attendance, the event showcased AI advancements like Cisco's open-source security model and Google's Gemini Security Agent, demonstrating AI's transformative impact on defense strategies and system economics. Emphasis was also placed on consolidating tools to streamline operations and enhance protection, urging leaders to balance innovation with accountability and preparation.

AI moves from initial excitement to robust engineering

Generative AI took centre stage at the Moscone Center, but the focus shifted from impressive early capabilities to governance and safety measures. Cisco’s Jeetu Patel emphasised that traditional adversarial simulation exercises have limitations, introducing an open-source foundation model tailored for security tasks. RSAC executive chair Hugh Thompson urged the cybersecurity community to embrace adaptive strategies as AI reshapes the financial dynamics of system intrusion attempts and digital protection. Microsoft showcased Security Copilot 2.0, now capable of generating detailed corrective action playbooks. The takeaway for CISOs: prioritise AI-driven security operations center (SOC) tools to improve response-time efficiencies, but prepare for new budget lines dedicated to model review and robust input validation testing.

The rise (and associated considerations) of agentic AI

The RSA Conference 2025 explored "agentic AI," focusing on its benefits and governance challenges. Autonomous systems like 1Password and Okta’s AI credential vaults are gaining traction, but concerns about oversight and accountability remain. SOCs must implement stringent logging to monitor actions, ensuring these agents operate securely and transparently.

Quantum-preparedness goes mainstream

As the Cryptographers’ Panel convened at RSAC 2025, veteran mathematicians—including RSA co-inventor Adi Shamir—warned that the industry’s fascination with AI is eclipsing a more pressing problem: the quantum challenge. Panellists argued that ransomware’s reliance on cryptocurrencies has distorted the original aims of public-key cryptography, yet they agreed the bigger danger is “harvest-now, decrypt-later” collection of today’s data before large-scale quantum computers arrive.

Their prescription was immediate crypto-agility: start mapping every RSA- or ECC-protected asset now instead of waiting for the final round of NIST post-quantum standards.

Regulators are now backing that urgency with hard deadlines. The UK’s National Cyber Security Centre roadmap sets 2028 for discovery of non-quantum-resistant keys and 2035 for full migration to quantum-resistant algorithms, explicitly warning against “last-minute chaos”. Australia’s latest Information Security Manual goes further, disallowing RSA, ECDSA and related primitives in high-assurance systems by 2030. Similar timelines are under discussion in Canada, Japan, and the EU, signalling that board-level compliance clocks are likely to start before the decade’s end.

Against that backdrop, RSAC speakers urged organisations to launch certificate inventories this summer, budget for hybrid transport layer security (TLS) deployments, such as X25519-Kyber, in 2026 and demand clear post-quantum cryptography (PQC) road-maps from vendors—steps that keep pace with both the regulatory deadlines and the accelerating digital challenge curve.

Consolidation and platformization accelerate

Cybersecurity vendors, like SentinelOne and Palo Alto Networks, are enhancing unified products with extended monitoring, identity protection, and cloud-native security. Analysts suggest platformization is a strategic priority to simplify tools and ease security team workloads. Organisations can streamline licenses, as vendors often negotiate margins for wider market reach, but experts recommend ensuring flexible API access for interoperability.

Identity and zero trust stay centre-stage

ProjectDiscovery’s victory in the Innovation Sandbox for its groundbreaking open-source system interface management suite underscores the growing intersection of identity and digital footprint management. A notable takeaway highlighted that machine identities now outnumber human identities in enterprises by a staggering ratio of 40:1. This imbalance is expected to drive new scrutiny of orphaned service accounts—a potential area of concern poised to compound further as the adoption of AI-driven agents accelerates.

Preparing for the Future

As cybersecurity evolves, organisations are urged to adapt swiftly. Experimenting with generative AI in SOCs can yield tangible progress in metrics like mean time to repair (MTTR). Meanwhile, mapping cryptographic weaknesses is no longer optional as regulatory timelines push post-quantum readiness to the forefront. With consolidation reshaping vendor landscapes, firms can secure favourable terms, provided interoperability isn’t compromised. Turning these pressing priorities into concrete strategies will define resilience in 2025’s cybersecurity realm.