RSAC Research Note
By Jean S. Bozman, Cloud Architects LLC
This year’s RSAC 2025 conference in San Francisco “took the temperature” of the security and cybersecurity markets – leading many of the conference’s 40,000 + attendees to the conclusion that platforms will be the most effective way to organize and manage security processes across customers’ public clouds, private clouds and on-site data centers. The RSAC Conference was held at the Moscone Center from April 28 to May 1.
The reasons why this is happening are clear:
1. The Cybersecurity Landscape is changing
The cybersecurity landscape is itself changing, because computing increasingly relies on clouds. Cloud services now account for a significant portion of any enterprise’s IT workloads, with SaaS, IaaS, storage-as-a-service (StaaS), and database-as-a-service (DBaaS) as prime examples. Cloud service providers (CSPs) themselves are providing cloud solutions. Still, there is a need for CSPs and in-house data services to collaborate in order to deliver a unified view of cybersecurity threats.
2. Leveraging AI to Harmonize Cybersecurity Measures:
Harmonizing cybersecurity measures across the enterprise is a daunting and sizable task. It has long been a complaint among CIOs and CISOs that there are too many security products to manage simultaneously. Now, IT managers are looking at leveraging AI to help them manage security software across their organization’s IT landscape. It’s true that the vast amount of data to be analyzed by AI means there are some practical limits to accelerating the tasks associated with cyber protection. However, the increasing use of AI is undeniable, extending far beyond ChatGPT document creation and encompassing a wide range of enterprise applications and data management across the organization.
3. Connecting the Security Software Tools for Unified Views
In recent years, a multitude of security software products have become available, each of them focused on a specific aspect of enterprise computing and cloud computing. However, the multiple tools, the growing expense, and the interconnects were taxing the talents of IT professionals working to improve cybersecurity against a wide variety of cyber threats. Indeed, finding enough employees with the needed skill-sets is becoming difficult for many organizations. More software tools arrive every year – and the total number of security administrators, data managers, and security officers on-staff will not grow as rapidly as the number of security products deployed on-site. As a result, IT skillsets often fail to keep pace with the available tools for managing cybersecurity threats. In many cases, the solution will be to leverage AI and agentic AI to build a more unified view of cyber threats across a customer’s entire IT landscape.
4. Building on Security Standards and Cryptography:
At the RSAC conference, we noticed that AI models and tools are rapidly becoming key to enhancing cybersecurity measures for threat detection and response. Added to these are a wide variety of professional services, which will help to “knit” multiple cybersecurity measures into a broader, more comprehensive enterprise viewpoint to identify and address various types of cyber-threats. However, we should note that cryptography – and cryptographic “keys” – are also changing to respond to threats, including those expected to come from quantum-computing systems that could threaten traditional security standards and cryptographic keys.
The Cryptographer’s Panel, which was presented on Tuesday, April 29, provided insightful comments on the emerging threats related to traditional, or standard, cryptography. “Attackers can harvest now, [and] decrypt later,” said Raluca Ada Popa, of the University of California at Berkeley. “They can record encrypted data now, and [then] decrypt it later when quantum computers are ready for that. There is also concern for digital signatures and quantum-resistant signatures.” Summing up, she said: “If it’s recorded now, it can be decrypted later.”
5. Application Development with Open Systems is Increasing:
One major trend that appears to be unresolved is the growing number of application development projects that run on open-source software systems. Open-source development leverages Linux, open software tools, open-source containers built with Red Hat OpenShift and similar tools, and Kubernetes orchestration for scale-out distributed IT infrastructure. This openness allows more developers to work on the tasks-at-hand – including those outside the customer’s organization. Some of the speakers at the conference are encouraging customers to explore open-source coding even more, to develop a wider spectrum of open-source applications that protect against cyber-attacks and ransomware.
Summary: Consistency Counts for Securing End-to-End Infrastructure
Depending on a customer’s software environment, its use of public cloud services (e.g., AWS (Amazon Web Services), Google, and Microsoft Azure), and the skillsets of its application developers, a customer’s production environment is likely to be a hybrid cloud that combines multiple software types.
Hybrid clouds leverage both public and private (on-site and/or sovereign clouds) to run their portfolio of applications and to include a wider array of available data resources. This distributed environment was developed over the decade-plus since cloud technology emerged (post-2009) for commercial and enterprise uses. That’s why a close inspection of a customer’s existing infrastructure, including all of a customer’s data centers, partner data centers, and cloud environments, will be necessary to ensure a unified, consistent, and manageable end-to-end security environment.
RSAC Conference Announcements
At this year’s RSAC 2025 conference, many major vendors announced their platforms for collecting, analyzing, and managing security threats as they arise throughout multi-site companies. Among the larger vendors to announce new and updated platforms are Cisco Systems, Palo Alto Networks, CrowdStrike, Microsoft, and NVIDIA. (Please refer to the long list of RSAC announcement letters and vendor press releases for further details.)
The bottom line is this: Customers are seeking new leverage points that will enable them to gain more accurate views of enterprise-wide security and understanding how to improve it, while deterring cybersecurity and ransomware threats to a wide array of enterprise applications and customer data.
We couldn’t help but notice that many of the RSAC 2025 announcements focused on AI, GenAI, and emerging agentic AI capabilities that will take on at least some of the roles of longtime security administrators. These agentic-AI tools are new leverage points that will help customers gain a more accurate view of enterprise-wide security, while deterring a broader range of cybersecurity threats. New software tools are still emerging, and some of them must be proven to meet the full set of requirements of the commercial security software marketplace. Thorough testing will improve the ability to meet the full spectrum of resiliency requirements. We believe this situation is bound to improve as the new-and-emerging tools become more widely used.
Clearly, software providers and systems vendors are getting the message: Cybersecurity must be easier to defend than it is today. “Many companies have 13 to 14 years of data to protect and manage,” said one cybersecurity firm’s CEO. “There’s a lot of data gravity around that. And geopolitical tensions are causing shifts in spending patterns.”
What’s the best approach to finding data threats across your entire IT landscape? Although solutions will vary from customer to customer, all organizations must have an approach that acknowledges the magnitude and complexity of the task, as well as acknowledging the organization’s urgent business need to protect the network, data, and the business itself.
