Be a part of our day by day and weekly newsletters for the newest updates and unique content material on industry-leading AI protection. Be taught Extra
Whereas over 20 distributors introduced agentic AI-based safety brokers, apps and platforms at RSAC 2025, essentially the most insightful information from the convention is a uncommon, encouraging pattern for safety leaders. For the primary time in three years, general cybersecurity effectiveness has improved.
Scale Enterprise Companions (SVP) not too long ago launched the 2025 Cybersecurity Views Report, which shared that the common effectiveness of cybersecurity protections improved for the primary time in three years, growing to 61% efficacy this 12 months from 48% in 2023. In keeping with the report, “70% of safety leaders have been most protected in opposition to normal phishing assaults, with solely 28% of corporations reporting compromise.”
SVP additionally discovered that 77% of CISOs consider defending AI/ML fashions and information pipelines is a precedence to enhance their safety posture by 2025, up from 55% final 12 months. Notably, given the inflow of recent agentic AI options introduced at RSAC, 75% of corporations expressed curiosity in leveraging AI to automate SOC investigations utilizing AI brokers to triage massive volumes of safety alerts to forestall safety incidents.
SVP’s rise in efficacy numbers isn’t unintentional; they outcome from CISOs and their groups adopting automation at scale whereas efficiently consolidating their platforms and lowering gaps attackers had walked by up to now.
“Should you don’t have full visibility, the attackers are going to undergo the cracks between merchandise,” Etay Maor, senior director of safety technique at Cato Networks, informed VentureBeat throughout RSAC 2025. “We designed our platform to get rid of these blind spots—bringing safety and networking collectively so nothing escapes our eyes.”
Agentic AI is transferring quick past minimal viable product to platform DNA
Maor’s perspective explains why a brand new definition of what a minimal viable product is required for agentic AI in cybersecurity. RSAC 2025 revealed how mature agentic AI is changing into. There’s a bunch of distributors utilizing agentic AI as a code-based adhesive to unify code bases and apps collectively, after which there are those who’ve been at this for years, and agentic AI is core to their code base and structure.
Cybersecurity suppliers on this latter group, the place agentic AI is core to their platform and, in lots of circumstances, proceed to double-down their R&D spend on excelling at agentic AI. This consists of Cato Networks’ SASE Cloud Platform, Cisco AI Protection, CrowdStrike’s Falcon single agent structure, Darktrace’s Cyber AI Loop, Elastic’s Elastic AI Assistant, Microsoft’s Safety Copilot and Defender XDR Suite, Palo Alto Networks’ Cortex XSIAM, SentinelOne’s Singularity Platform and Vectra AI’s Cognito Platform.
Organizations which can be counting on built-in AI-driven detection with automated containment are lowering dwell occasions by over 40%. They’re additionally practically twice as probably to neutralize phishing-based intrusions earlier than lateral motion happens. Distributors on the present flooring typically relied on identification and entry administration eventualities to showcase how their agentic AI workflows might assist trim workloads for safety operations middle (SOC) analysts.
“Identification goes to be a important ingredient of AI all through its life cycle. AI brokers are going to wish identities. They’re going to wish to know zero belief, and the way will we confirm them? Explicitly handle least privileged entry,” famous Microsoft’s Company Vice President for Safety, Vasu Jakkal, throughout her keynote. As Jakkal succinctly put it, “AI should first begin with safety. It’s important that we evolve our safety mechanisms as quickly as we evolve AI.”
A standard theme of each agentic AI demo throughout the present flooring was triangulating assault information, shortly gaining insights into the type of tradecraft getting used after which defining a containment technique all in actual time.
CrowdStrike confirmed how agentic AI can pivot from detection to real-time motion by a reside investigation of a North Korean risk marketing campaign to position distant DevOps hires in strategic expertise firms within the U.S. and all over the world. The reside demo adopted the tradecraft of the DPRK’s Well-known Chollima because it impersonated a distant DevOps rent, slipped previous HR checks and leveraged professional instruments, together with RMM software program and VS Code, to quietly exfiltrate information. It was a pointy reminder that, whereas highly effective, agentic AI nonetheless depends on a human within the loop to identify adaptive threats and fine-tune fashions earlier than the sign will get misplaced within the noise.
The gen AI objective: discovering nation-state tradecraft and killing it
It’s the assaults that no individual, firm, or nation sees coming which can be essentially the most devastating and difficult to include and overcome. The considered threats so devastating that they might simply shut down an influence grid, cost, banking, or provide chain system dominates the minds of lots of the brightest and most revolutionary applied sciences in cybersecurity.
Cisco’s Chief Product Officer Jeetu Patel emphasised the urgency of strengthening cybersecurity with AI in order that threats lurking which may be devastating as soon as triggered could be discovered now and neutralized. “AI is basically altering all the pieces, and cybersecurity is on the coronary heart of it. We’re not coping with human-scale threats; these assaults are occurring at machine scale,” Patel mentioned throughout his keynote.
Patel emphasised that AI-driven fashions are usually not deterministic: “They gained’t provide the identical reply each single time, introducing unprecedented dangers.”
CISOs want to know as we speak’s advanced dangers and threats
“This isn’t one other AI discuss, I promise,” CrowdStrike CEO George Kurtz joked as he opened his RSAC 2025 keynote. “I used to be requested to present one, and I mentioned, ‘How about we speak about one thing that truly issues proper now, like getting CISOs a seat on the board desk?’” That punchline delivered two issues directly: comedian reduction and a pointy pivot to the defining problem of cybersecurity management in 2025.
In his keynote, “The CISO’s Information to Securing a Board Seat,” Kurtz issued a transparent name to behaveion: “Cybersecurity is not a compliance suggestion. It’s a governance mandate. The SEC rules have materially modified the arc of the CISO’s profession.” Boards aren’t simply evolving; they’re being compelled to reckon with cyber danger as a major enterprise risk.
Kurtz backed his argument with arduous numbers: 72% of boards say they’re actively looking for cybersecurity experience, however solely 29% even have it. “That’s not only a expertise hole,” Kurtz mentioned. “It’s a possibility in the event you’re able to step up,” he inspired the viewers.
His roadmap for CISOs to achieve the boardroom was tactical and hands-on:
- Degree up what you are promoting fluency. “Perceive the place enterprise worth is created. Should you can’t converse margin, ARR, or authorized danger, you gained’t final lengthy on the desk.”
- Communicate the board’s language. “Each boardroom runs on three priorities: time, cash, and authorized danger. Should you can’t translate cyber into these, you’ll keep on the sidelines.”
- Construct your model outdoors the safety bubble. “Board members are on a number of boards. The best way in is thru belief and fame, not simply technical excellence.”
Kurtz traced the trail from regulatory reform to boardroom impression by revisiting how Sarbanes-Oxley in 2002 remodeled CFOs into stable boardroom contributors. He argued that the SEC’s 2024 breach reporting mandate does the identical for CISOs. “Threats drive regulation, and regulation drives board composition,” he mentioned. “That is our second.”
His recommendation wasn’t summary. He urged CISOs to review proxy statements, determine committee-level wants and community strategically with board members who’re “all the time seeking to fill roles.” He pointed to CrowdStrike CISO Adam Zoller, now on the board of AdventHealth, as a mannequin. Zoller, Kurtz says, is somebody who earned his seat by staying within the room, studying how the board operated and being seen as greater than a safety professional.
Kurtz closed with a problem: “I hope to come back again in ten years, nonetheless with crimson hair, and see CISOs on 50% of boards, identical to CFOs. The boardroom’s not ready for permission. The one query is: will it’s you?”
“AI isn’t magic—It’s math”
Diana Kelley, CTO of Defend AI, drew one of the vital early crowds at RSAC 2025 with a blunt message: “AI isn’t magic—it’s math. And simply as we safe software program, we should rigorously safe the AI lifecycle.” Her keynote supplied a sound background that sliced by gen AI hype, spotlighting the true dangers to AI fashions that each group must defend in opposition to earlier than starting any work on their fashions. Kelly supplied in-depth insights into mannequin poisoning, immediate injections and hallucinations, calling for a full-stack strategy to AI safety.
She launched the OWASP High 10 for gen AI, emphasizing the necessity to safe AI from day zero, associate with CISOs early, threat-model aggressively and deal with prompts, outputs and agent chains as privileged assault surfaces.
Palo Alto Networks introduced its intent to amass Defend AI the identical day as Kelley’s presentation, one other issue driving so many conversations about her keynote.
RSAC 2025 reveals why it’s time for agentic AI to ship outcomes
RSAC 2025 made one factor clear: AI brokers are coming into safety workflows, however boards need proof they work. For CISOs below stress to justify spending and cut back danger, the main focus is shifting from innovation hype to operational impression. The actual wins, together with 40% decrease dwell time and phishing resilience reaching 70%, got here from platform consolidation and automating alert triage, that are all confirmed applied sciences and strategies. Agentic AI’s second of reality is right here, particularly for distributors simply coming into the market.
