I recently joined a record-breaking group of nearly 44,000 cybersecurity professionals at San Francisco's Moscone Center for the RSA Conference 2025. I've been attending the show for two decades. This time around, I was struck by the energy that comes from bringing our industry together in person again as I walked through the packed exhibition halls and met with clients, prospects, and media. This year's theme—"Many Voices, One Community"—captured the perspectives and purpose I felt during the week.
The Dual Nature of AI: Cybersecurity's New Reality
AI dominated virtually every discussion I had at RSA this year, but with a twist. A fascinating concept—"AI as defender and adversary"—emerged that captured the complex relationship our industry now has with artificial intelligence.
I saw countless demonstrations of how agent AI enhances threat detection capabilities, improves incident response times, and helps security teams stay ahead of threats while talking with vendors and clients. The defensive applications are impressive and demonstrate real progress in our collective security posture.
But there was an equally important counternarrative. Many executives were facing the same dilemma: for every advancement they make with AI, threat actors are making similar leaps. Bad actors leverage these same technologies to create more sophisticated attacks, quickly generate malware, and craft increasingly convincing social engineering campaigns. This technological arms race is redefining cybersecurity as we know it.
Identity Takes Center Stage
If AI was the technology dominating conversations, identity security was undoubtedly the operational priority. I saw an intensified focus on identity as the critical control point in modern security architectures across keynotes, sessions, and vendor demonstrations.
What struck me was how these two dominant themes—AI and identity—are increasingly intertwined. As organizations deploy more autonomous AI systems with varying access permissions, traditional identity frameworks are being pushed to their limits.
The Expanding Attack Surface: Non-Human Identity Security
One of the most thought-provoking discussions I had centered around an emerging security challenge: as more companies integrate agent AI into their operations, non-human identity management has become a critical security vector.
When an organization deploys dozens or hundreds of AI agents with various access permissions, each represents a potential entry point for threat actors. Traditional identity security focuses primarily on human users, but this paradigm is rapidly evolving. Several conversations I had with security leaders highlighted the urgent need for robust authentication and monitoring protocols for these non-human identities.
Hybrid Work Security: The New Perimeter
The security perimeter continues to evolve. I noticed numerous vendors addressing the challenges of securing distributed workforces. Three years post-pandemic, hybrid work is no longer an emergency response but a permanent fixture of our professional landscape.
This reality has forced a fundamental rethinking of security strategies. Zero-trust architectures, endpoint security, and identity-based access controls dominated product offerings, reflecting how completely the industry has had to adapt to this new normal.
This year, the increasing emphasis on security culture caught my attention. Companies know that technological controls alone cannot secure a distributed workforce—organizations must build security awareness into their culture. This human element of security was a refreshing counterpoint to the technology-focused conversations that typically dominate RSA.
The Changing Nature of Industry Events
One observation that's become increasingly clear to me over multiple RSA Conferences is that, while the show floor remains impressive, so much also happens on the periphery.
This shift doesn't diminish RSA's importance. In fact, the gathering itself enables these valuable side conversations. But it does highlight how the industry values the in-person connections that happen around the official program. Despite all our digital collaboration tools, there's simply no replacement for face-to-face meetings, as evidenced by the packed networking events I attended throughout the week.
These informal environments often lead to more authentic and productive discussions than formal meetings. The desire for in-person connection post-pandemic remains stronger than ever, with many prospects expressing genuine enthusiasm about having face-to-face conversations again.
Media Relations in a Crowded Landscape
At Treble, we timed the release of our latest Cybersecurity Media Pulse Report to coincide with RSA. This timing gave me some fascinating data points to discuss with clients and prospects. One finding particularly resonated during my conversations: cybersecurity reporters increasingly prioritize availability over deep technical expertise when selecting sources.
This preference reflects what I've observed firsthand. With more security companies and experts vying for attention and fewer journalists covering the beat, being responsive has become a competitive advantage in PR.
The speed of the media landscape continues to accelerate, creating a challenging environment where more cybersecurity companies compete for coverage from a shrinking pool of journalists. Our Media Pulse findings confirmed this trend, highlighting the growing importance of quick response times and media readiness for companies seeking to break through the noise.
Case Study: Strategic Announcement Planning
Our work with Anatec during the conference demonstrated the strategic value of proper PR planning. Recognizing the media saturation that happens during RSA, we implemented a proactive approach by pre-briefing key reporters several weeks before the event.
This strategy wasn't improvised. It was the result of careful planning that began months before RSA. We knew that reporters would be overwhelmed with announcements during conference week, so we deliberately scheduled briefings with key media outlets weeks in advance. By respecting journalists' time constraints and giving them ample opportunity to digest Anatec's news, we ensured their channel-centric model announcement would receive proper attention.
By the time Anatec's news launched on day one of the conference, journalists were prepared and had already incorporated the announcement into their coverage plans. The result was amplified visibility, including placement in roundup articles and broader show news. This approach exemplifies the strategic media relations that drive results in today's challenging landscape.
Looking Ahead
Cybersecurity vendors navigating this landscape will require more than good technology to break through the noise. It demands strategic storytelling, trusted media relationships, and an authentic point of view.
I left the show energized by the connections made and the insights gained. RSA reminded me that cybersecurity remains fundamentally human—built on trust, relationships, and shared purpose, despite the digital nature of the threats we face.