Here are my top takeaways from RSA last week:
1) The cool new term is “agentic,” and there’s a lot less of it the further you get from the top of the org chart.
2) AI safety is out; AI security is in.
3) Nation state attacks have taken up the #2 position behind AI.
4) Someone gave the talk I wanted!
It’s agentic at the top
Just looking at the agenda ahead of time, it was pretty clear that the AI would continue to be the major theme of the conference. Given that LLMs are probably the most significant technology development of the past 20 years, that’s both reasonable and unsurprising. The hype, however, has moved from interactive chatbots to agents. From productivity to security to red-teaming, “agents” are going to do it all. Unless you ask the actual people doing the work, that is.
RSA is basically two conferences: there are the executive keynotes and celebrity panels (the iPad crowd); and then there are the workshops, training, and tactical presentations by the tech people (the laptop crowd). Agents were everywhere on the iPads but not very present on the laptops. Right now, “agentic AI” is a lot of fun to talk about, but it was abundantly clear that the details of actually implementing these agentic workflows do not exist. Even the startups that pitched agentic toolkits aggressively were, ultimately, surfacing information to humans.
Before these agentic tools get applied in real-world applications (especially security applications), the enormous issues of trust, integrity, and auditability will need to be solved, and I saw nothing over four days to convince me that we have gotten much closer on those fronts. Right now, the work that the cybersecurity teams actually do looks very much like the work they have done in the past. Everybody is, of course, worried about the bad guys using agents, unconstrained by concerns like trust and auditability.
Safety is out, Security is in
Safety seems to have become a bad word somewhere over the past year. I think there are two reasons. First, safety has become an overloaded term, encompassing everything from AI-powered infrastructure attacks to concerns about emergent artificial consciousness. I suspect that more mainstream researchers would prefer to avoid being associated with fringe issues like “AI welfare.”
Secondly, AI safety has negative commercial implications. RSA is a very corporate conference, and it turns out that large technology corporations tend to find a focus on “safety” about as appealing as chemical manufacturers and mining companies do. Security, on the other hand, has the secondary benefit of providing cover for avoiding transparency.
Nation-state attacks took center stage
Concerns about advanced persistent threats (“APTs”) by nation states were everywhere, and there were several genuinely fascinating presentations on the sophistication of these attacks and their increasing prevalence. The current era of global hostilities has only heightened these tensions.
The belief that China will invade Taiwan within the decade seemed almost a given among the many experts who presented, and many of the nation state discussions focused on our lack of resilience to deterrent infrastructure attacks that would be threatened in that scenario.
While these attacks are terrifying, it is easy to forget that the vast majority of damaging attacks tend not to come from extraordinarily-resourced attackers but from a different APT: what Brian Krebs has delightfully termed “advanced persistent teenagers.” These low-sophistication attacks often involve social engineering, credential stuffing, or taking advantage of unpatched endpoints. They aren’t nearly as much fun to talk about, but in terms of harm, they are by far the leader. The attack that shut down Colonial Pipeline was simple credential stuffing, and teenage social engineering groups were behind the Okta hack, the Vegas casino hacks, Snowflake, and many others. These high-impact/low-sophistication hacks are also what, in my opinion, will be most supercharged by AI. They are under-discussed because they are boring and technically uninteresting.
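Credential stuffing is boring precisely because it is easy to see in authentication logs: one source address failing against many different usernames in a short window, which looks nothing like an ordinary user mistyping a password. The following is an added example, not code from the original post or from any vendor mentioned at the conference. It parses a constructed, hypothetical auth-log format and separates a credential-stuffing spray (many usernames, one source) from a brute-force attempt on a single account (one username, many attempts), then reports any success from the same source after the spray, since that is the credential a defender needs to reset first.

```python
import re
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample log lines for this example (not from any real system).
# The format is hypothetical: timestamp, outcome, username, source address.
# Addresses are from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
2025-05-05T10:00:01Z auth_fail user=alice src=203.0.113.7
2025-05-05T10:00:02Z auth_fail user=bob src=203.0.113.7
2025-05-05T10:00:03Z auth_fail user=carol src=203.0.113.7
2025-05-05T10:00:04Z auth_fail user=dave src=203.0.113.7
2025-05-05T10:00:05Z auth_fail user=erin src=203.0.113.7
2025-05-05T10:00:06Z auth_ok user=frank src=203.0.113.7
2025-05-05T10:00:10Z auth_fail user=alice src=198.51.100.9
2025-05-05T10:00:11Z auth_fail user=alice src=198.51.100.9
2025-05-05T10:00:12Z auth_fail user=alice src=198.51.100.9
2025-05-05T10:00:13Z auth_fail user=alice src=198.51.100.9
2025-05-05T10:00:14Z auth_fail user=alice src=198.51.100.9
2025-05-05T10:00:14Z auth_fail user=alice src=198.51.100.9
2025-05-05T10:05:00Z auth_ok user=grace src=192.0.2.44
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<outcome>auth_fail|auth_ok) user=(?P<user>\S+) src=(?P<src>\S+)$"
)


def parse_line(line):
    """Turn one log line into an event dict, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return {"ts": ts, "outcome": m["outcome"], "user": m["user"], "src": m["src"]}


def detect_credential_stuffing(lines, window_seconds=60, threshold=5):
    """Per source address, slide a time window over failed logins.

    A source that fails against `threshold` or more distinct usernames inside
    the window is reported as credential stuffing; a source that fails
    `threshold` or more times against a single username is reported as brute
    force. Keeping the two apart matters: the response differs (block the
    source and reset the sprayed accounts vs. lock one account).
    """
    by_src = defaultdict(list)
    for line in lines:
        ev = parse_line(line)
        if ev:
            by_src[ev["src"]].append(ev)

    findings = {}
    for src, events in by_src.items():
        events.sort(key=lambda e: e["ts"])
        fails = [e for e in events if e["outcome"] == "auth_fail"]
        best_spray, spray_start = 0, None      # most distinct users in one window
        best_single, single_user = 0, None     # most attempts on one user in a window
        start = 0
        for end in range(len(fails)):
            # Advance the window start until the window fits in window_seconds.
            while (fails[end]["ts"] - fails[start]["ts"]).total_seconds() > window_seconds:
                start += 1
            window = fails[start:end + 1]
            users = {e["user"] for e in window}
            if len(users) > best_spray:
                best_spray, spray_start = len(users), window[0]["ts"]
            if len(users) == 1 and len(window) > best_single:
                best_single, single_user = len(window), window[0]["user"]

        if best_spray >= threshold:
            # A success from the same source after the spray began is the
            # highest-priority signal: a stuffed credential that worked.
            successes = [e["user"] for e in events
                         if e["outcome"] == "auth_ok" and e["ts"] >= spray_start]
            findings[src] = {"kind": "credential_stuffing",
                             "distinct_users": best_spray,
                             "successes_after": successes}
        elif best_single >= threshold:
            findings[src] = {"kind": "brute_force",
                             "user": single_user, "attempts": best_single}
    return findings


def analyze_sample():
    """Run the detector over the constructed sample log."""
    return detect_credential_stuffing(SAMPLE_LOG.splitlines())


if __name__ == "__main__":
    for src, finding in analyze_sample().items():
        print(src, finding)
```

The thresholds and window are assumptions chosen for the constructed data; in a real deployment they would be tuned against the normal failure rate of the identity provider, and the same logic is usually expressed as a SIEM query rather than a script.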
Gitlab for the Win
I didn’t really expect anyone to give the talk I put on my wishlist, but the team at Gitlab gave a brilliant presentation titled You Don’t Need More Security Products—You Need More Secure Products. Their entire talk is worth a listen (it's available on the site for attendees), but I think their most trenchant observation was that companies are measuring the wrong thing. Instead of tracking how many security issues are caught, dev teams ought to measure how early these bugs are caught in development. They referred to this concept as “moving security to the left,” and if more projects thought about their pipeline in this way, we’d live in a safer world.
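To make the “measure how early, not how many” point concrete, here is an added example (not code from the Gitlab talk or from the original post) that scores findings by the pipeline stage in which they were caught. The stage names and the two teams’ data are constructed assumptions for this example; any ordered list of stages works. Two teams that catch the same number of issues, the metric the talk criticises, get very different earliness scores.

```python
from collections import Counter

# Pipeline stages from earliest to latest. These names are an assumption
# for this example; substitute your own pipeline's stages in order.
STAGES = ["ide", "pre_commit", "ci", "code_review", "staging", "production"]


def earliness_score(stage):
    """1.0 for a finding caught at the earliest stage, 0.0 for production."""
    idx = STAGES.index(stage)
    return 1.0 - idx / (len(STAGES) - 1)


def shift_left_report(findings, merge_boundary="code_review"):
    """findings: list of (finding_id, stage_caught).

    Returns the raw count (what the talk says companies track today) next to
    two earliness metrics: the share of findings caught at or before the merge
    boundary, and the mean earliness score across all findings.
    """
    unknown = {stage for _, stage in findings} - set(STAGES)
    if unknown:
        raise ValueError(f"unknown stage(s): {sorted(unknown)}")
    boundary = STAGES.index(merge_boundary)
    counts = Counter(stage for _, stage in findings)
    total = len(findings)
    pre_merge = sum(1 for _, stage in findings if STAGES.index(stage) <= boundary)
    mean_earliness = (sum(earliness_score(stage) for _, stage in findings) / total
                      if total else 0.0)
    return {
        "total_caught": total,
        "by_stage": {stage: counts.get(stage, 0) for stage in STAGES},
        "pre_merge_fraction": pre_merge / total if total else 0.0,
        "mean_earliness": round(mean_earliness, 3),
    }


# Constructed data: two hypothetical teams that catch the same number of
# issues (six each) at very different points in the pipeline.
TEAM_A = [("A-1", "ide"), ("A-2", "pre_commit"), ("A-3", "ci"),
          ("A-4", "ci"), ("A-5", "code_review"), ("A-6", "staging")]
TEAM_B = [("B-1", "ci"), ("B-2", "staging"), ("B-3", "staging"),
          ("B-4", "production"), ("B-5", "production"), ("B-6", "production")]


if __name__ == "__main__":
    for name, team in (("Team A", TEAM_A), ("Team B", TEAM_B)):
        print(name, shift_left_report(team))
```

Tracking the mean earliness over time, or the pre-merge fraction per repository, gives a pipeline owner a number that rewards catching issues in the editor and in CI rather than rewarding a large count of findings discovered in production.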
Thoughts for startups
As we have been saying for some time now, younger more nimble companies are best-positioned to take advantage of new technologies and can structure their entire product cycles to account for new threats. While an incumbent might watch that Gitlab presentation and write a memo, startup founders can implement those strategies today.
Go start a company, and then call us!
© 2025 Restive®, Inc.