RSACAI SecurityBlogIdentity and Access ManagementSecurity
Blog4 minute read

The Grizzled CyberVet: RSA Conference 2025 – AI, Identity and the Battle for San Francisco

RSA 2025 brought together 45,000+ cybersecurity minds under one theme: "Many Voices. One Community." The message? The future of security is about collaboration and adaptation.

In this blog

  1. AI is taking over (and not always in a good way)
  2. Meet your new coworker: Agentic AI
  3. Identity is the new perimeter (again)
  4. Startups, sharks and spending sprees
  5. Cybersecurity needs a passport now
  6. The human element still matters
  7. The Grizzled CyberVet's final word

Another RSA Conference is in the books. And like every year, tens of thousands of security professionals packed into Moscone Center to talk tech, dodge marketing buzzwords and try to figure out if any of these vendors actually do what they say they do. Welcome to RSA 2025, where the theme was "Many Voices. One Community." Which loosely translates to: "We're all in this mess together."

Here's the no-BS breakdown from your friendly neighborhood Grizzled CyberVet:

 AI is taking over (and not always in a good way)

You couldn't throw a stress ball without hitting someone talking about AI. Everyone's got a machine learning (ML) model, an "intelligent" assistant or some agent that's basically Skynet's baby cousin. AI was front and center in everything, from detecting phishing to writing security reports to possibly ordering your lunch.

Pro tip: AI can be incredibly helpful, but it's not magic. If you're hoping it'll solve your security problems while you nap under your desk, you're gonna have a bad time.

 Meet your new coworker: Agentic AI

This new flavor of AI doesn't just analyze stuff — it makes decisions for you. Think of it as Clippy's evil twin: "It looks like you're being attacked. Shall I destroy the threat and rewrite your compliance report?"

Cool? Yes. Risky? Also yes.

 Identity is the new perimeter (again)

Just like bell bottoms and zero trust, identity security is back in style. The biggest threats these days? They're not kicking down your firewall; they're logging in with Bob from accounting's stolen credentials. Passwordless login, identity mapping and behavioral analytics are now table stakes. If you're still relying on "P@ssw0rd123," you might as well leave the door open and bake cookies for the attackers.

 Startups, sharks and spending sprees

Over $1.7 billion in venture capital flooded into cyber startups before the show. That means two things:

  1. We'll see more innovation (yay!).
  2. We'll also see more security tools with 5-letter names and vague mission statements (meh).

And yes, Palo Alto Networks opened its checkbook again, acquiring Protect AI and launching new AI-powered goodies. Platform wars are heating up.

 Cybersecurity needs a passport now

This year had a stronger global flavor. Government folks from the UAE, EU and beyond all emphasized one thing: The bad guys don't care about borders, and neither can we. Whether you're fighting ransomware or disinformation, we've got to start working together like a global security team — not 400,000 siloed companies with duct tape and ductless budgets.

 The human element still matters

RSA 2025 wasn't all robots and threat graphs. A lot of attention was paid to the "Security Poverty Line," aka the reality that small orgs just can't keep up. While Fortune 500s flex AI-powered everything, mom and pop shops are still patching by hand and using "admin/admin" to log in. It's not sustainable and the industry knows it.

Also: Major shoutout to Common for showing up and giving a musical nod to the unsung heroes in SOCs everywhere. Most unexpected crossover since Batman and Scooby-Doo.

 The Grizzled CyberVet's final word

RSA 2025 showed us that cybersecurity is moving fast, maybe too fast for some. AI is changing the rules, identity is ground zero and global cooperation is more important than ever. But underneath all the buzzwords and branding, it's still about people: protecting them, empowering them and sometimes explaining (for the hundredth time) why "clicking random email links" is a bad idea.

Until next time, keep your patches current, your logs centralized and your AI assistants non-sentient.

The Grizzled CyberVet