Something old: Enduring challenges

Reactive Approaches to Threats: Despite technological advancements, the cybersecurity industry continues to struggle with a mostly reactive stance towards security threats-threats that are increasingly pervasive and creative. How, for example, could we possibly defend against a staggering 442 percent increase in voice-based phishing attacks (according to CrowdStrike)? The conference speakers repeatedly emphasized the need to adopt a more proactive stance. We have an urgent need for predictive and preventative solutions, such as behavior analytics tools and zero trust identity policies.

Infrastructure Attacks: Attacks on critical infrastructure, including OT/IoT systems and network devices, remain a significant concern. The advanced age of these legacy systems has made them an easy target for modern threats. Russian botnets are targeting home routers to infiltrate infrastructure, while Chinese actors have been discovered within oil pipeline OT systems. Insights from the NightDragon summit, featuring CISA, FBI and major enterprises, highlighted the persistent relevance of legacy systems in our cybersecurity strategies.

Something new: Emerging threats and fresh innovations

North Korea Took Our Jobs: A new nation-state threat has emerged. North Korean state actors have been infiltrating the IT job market. These actors use AI to create convincing LinkedIn profiles, resumes and cover letters, even employing deepfakes to pass interviews. This prolific threat targets recruiters, with individuals applying for hundreds of jobs and some even holding multiple positions within the same company under different identities! In addition to their access to vast amounts of confidential data, their salaries contribute to funding the North Korean weapons program, highlighting that this threat is both a physical and a digital concern.

Agentic AI: The next iteration of generative AI, agentic AI, is poised to revolutionize the way we do business. These AI agents can do more than answer simple inquiries. They can perform complex tasks akin to an intern, offering endless opportunities for streamlining all parts of an organization. The possibilities for defenders alone are immense! Imagine using an AI agent to automate the management of the over 22 billion daily events in security operations centers (SOCs) around the world, or to address overprivileged identity access management systems, or to provide continuous penetration testing for vulnerabilities. But this isn't just a tool for security teams. Utilizing agentic AI enhanced with asset data can boost observability and help prioritize efforts and resources across the entire organization. 

Something borrowed: Shared strategies

New AI, Same Old Attacks: While AI accelerates efficiency, we can rest assured that it is not autonomous and does not create new attacks. Instead, AI enhances existing threats, making them more effective, pervasive, and affordable. AI-enhanced reconnaissance, botnets, spear phishing, DDoS attacks and more are on the rise. Ransomware as a Service is becoming more accessible, with prices as low as one bitcoin, making cybercrime attractive to less tech-savvy criminals. But now is not the time for defenders to pack up and go home! Defensive technologies are also leveraging AI to enhance speed and efficiency, ensuring we remain resilient against these familiar threats.

Collaborative Defense: The need to unite the cybersecurity community across all geopolitical boundaries was a consistent theme throughout RSA. The panel session "AI-Enabled Cyber Crime" featured experts from around the world and emphasized the importance of collaboration in defense. They advocated for better threat intelligence sharing among law enforcement and harmonizing legal systems for international asset recovery. This open communication in the cyber community is our secret weapon and our best defense.

Something blue (Team): Unified efforts

Threat Exposure Management Platforms: The rise of Threat Exposure Management (TEM) platforms represents a proactive shift in cybersecurity. These platforms provide complete observability into an organization's digital ecosystem. They not only identify and mitigate threats before they cause harm but also provide insights into the financial risks of vulnerabilities. This enables security teams to quantify ROI for security projects, a critical feature for communicating value to executive stakeholders and aligning with organizational goals.

Community United: Throughout this year's RSA Conference, sessions underscored the importance of people: strong leadership, cultivating a healthy work environment, and finding courage through networking and mentorship. These sessions, beautifully contrasted against the excitement around artificial intelligence, truly exemplified RSA 2025's human-centered theme: "one community, many voices."

Just as a wedding celebrates the union of two individuals embarking on a shared journey, this conference illuminated the path forward through new solutions and collaborations. The insights and innovations shared at RSA will be key in shaping a more secure future. By embracing our cyber community, we affirm that we are truly "better together," ready to face the challenges of today and the opportunities of tomorrow.