惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Tenable Blog
MyScale Blog
MyScale Blog
罗磊的独立博客
Hugging Face - Blog
Hugging Face - Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
爱范儿
爱范儿
博客园 - 司徒正美
D
Darknet – Hacking Tools, Hacker News & Cyber Security
量子位
N
News | PayPal Newsroom
S
Secure Thoughts
酷 壳 – CoolShell
酷 壳 – CoolShell
L
LINUX DO - 热门话题
有赞技术团队
有赞技术团队
V
Visual Studio Blog
T
Tailwind CSS Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Project Zero
Project Zero
B
Blog RSS Feed
J
Java Code Geeks
Google Online Security Blog
Google Online Security Blog
Last Week in AI
Last Week in AI
Cyberwarzone
Cyberwarzone
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
小众软件
小众软件
博客园 - 【当耐特】
Latest news
Latest news
T
Threat Research - Cisco Blogs
aimingoo的专栏
aimingoo的专栏
博客园_首页
博客园 - 三生石上(FineUI控件)
Engineering at Meta
Engineering at Meta
D
Docker
Forbes - Security
Forbes - Security
Help Net Security
Help Net Security
Apple Machine Learning Research
Apple Machine Learning Research
P
Proofpoint News Feed
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Simon Willison's Weblog
Simon Willison's Weblog
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
V2EX - 技术
V2EX - 技术
N
Netflix TechBlog - Medium
The Last Watchdog
The Last Watchdog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
T
Threatpost
Cloudbric
Cloudbric
T
The Exploit Database - CXSecurity.com
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
博客园 - 叶小钗
Webroot Blog
Webroot Blog

Search Security Resources and Information from TechTarget

How to operationalize threat modeling with AI | TechTarget CISO First fully agentic ransomware attack sparks readiness concerns | TechTarget Evaluating secure enterprise browsers vs. security plugins | TechTarget The AI vulnerability storm is here: Is your security program ready? | TechTarget Perimeter to posture: A roadmap to zero trust maturity | TechTarget TLS certificate lifetime changes: What CISOs must do now | TechTarget The agentic AI 8 key aspects of a mobile device security audit program | TechTarget Why mobile security audits are important in the enterprise | TechTarget Beyond the perimeter: The shift to data-centric protection | TechTarget How agentic AI threat intelligence aids NGO cyber defense: Case study | TechTarget How to conduct a mobile app security audit | TechTarget NO FAKES Act advances: What CISOs need to know | TechTarget What CISOs should know about AI runtime security | TechTarget As Q-Day looms, 90% of systems are unprepared for PQC | TechTarget A CISO Most security pros say their culture is Zscaler lays out its vision to secure the AI era at Zenith Live | TechTarget The OpenClaw security risks every CISO needs to know | TechTarget Cloud security metrics and KPIs: A CISO Florida public sector training on SimSpace cyber range: Case study | TechTarget Reporters' Notebook — Focus on Cyber Insurance: How Quantifying Risk Is Reshaping Security It's time to update incident response for the AI era How to build AI security guardrails without blocking innovation The prosecution gap: Why cybercrimes go unpunished AI in cyberdefense: Learning from threat actors' playbooks Top identity and access management risks CISO role changes as cyber-risk appetites in the C-suite grow CISO's guide to data minimization Researchers build autonomous AI worm that can reason and adapt How to secure data at rest, in use and in motion How to find cyber-risk data sources for a FAIR analysis Lost in translation: Cybersecurity board reporting for CISOs How to prepare security controls for future AI regulations EO 14390 raises stakes for enterprise cybersecurity First month of Mythos Preview testing exposes 10K flaws OT attacks shift from recon to physical control, raising stakes For CISOs, dawn of OpenAI Daybreak brings good and bad news Gartner Security & Risk Management Summit 2026: Adapting for AI | TechTarget Inside business email compromise attacks: Real-world examples Verizon 2026 DBIR: 6 key takeaways for CISOs Identity security for AI agents: The proliferation challenge How to build a business impact analysis checklist Taking care of business: The CISO's role in a cyber crisis What CISOs need to know about AI audit logs SOC vs. MDR: What CISOs need to consider Instructure cyberattack reignites ransom payment debate Transform SIEM rules with behavior-based threat detection CISO's guide: How to test an incident response plan How to implement zero trust for AI Data after the breach: Economics of the dark web The breakup: Why CISOs are decoupling data from their SIEMs | TechTarget News brief: Security worries and warnings as AI use expands How to construct an effective security controls evaluation 5 leading enterprise password managers to consider Claude Mythos changes the AI security threat matrix Buyer 6 things to check in your cyber insurance policy fine print How cyber insurance helped with breach recovery -- or not News brief: Critical infrastructure, OT cybersecurity attacks Tape's strategic role in modern data protection Top zero-trust use cases in the enterprise What every CISO should consider before a SIEM migration CISO's guide to centralized vs. federated security models Shadow code: The hidden threat for enterprise IT How to fix cybersecurity's agentic AI identity crisis 5 top SIEM use cases in the enterprise Top 8 e-signature software providers for 2026 How do digital signatures work? News brief: AI woes continue for security leaders Deepfake era demands proof-based security, not just awareness Is SOAR dead or alive? Sort of The push for digital sovereignty: What CISOs need to know Beyond awareness: Human risk management metrics for CISOs Cybersecurity in the age of AI means bigger, faster threats Inside the SOC that secured RSAC 2026 Conference How to roll out an enterprise passkey deployment How to improve the SOC analyst experience -- and why it matters How contact centers detect and prevent fraud News brief: Iranian cyberattacks target U.S. water, energy CISO checklist: Cybersecurity platform or marketing ploy? RSAC 2026 Conference: Key news and industry analysis | TechTarget Next-generation firewall buyer's guide for CISOs Contact center monitoring best practices for CX leaders RSAC 2026: Cyber insurance and the rise of ransomware Agentic AI's role in amplifying and creating insider risks RSAC 2026 recap: AI security and network security trends Identity security at RSAC 2026: The new enterprise dynamics Meaningful metrics demonstrate the value of cyber-resiliency What to know about red team testing and the law News brief: Iran cyberattacks escalate, U.S. targets named 5 top SOC-as-a-service providers and how to evaluate them Cloud security architecture: Enterprise cloud blueprint for CISOs Contact center compliance checklist for modern workforces How AI caught a malicious North Korean insider at Exabeam Watch your words: Tim Brown's advice for CISOs News brief: U.S. absence at RSAC sparks leadership concerns Network security management challenges and best practices 10 enterprise secure remote access best practices
At RSAC 2026, AI optimism and anxiety -- and an MIA U.S. government
2026-04-18 · via Search Security Resources and Information from TechTarget

Transcript - At RSAC 2026, AI optimism and anxiety -- and an MIA U.S. government

Editor's note: The following transcript has been lightly edited for length and clarity by Informa TechTarget's internal AI assistant.

Dark Reading's Rob Wright: Hi, I'm Rob Wright with Dark Reading.

TechTarget SearchSecurity's Alissa Irei: I'm Alissa Irei with SearchSecurity.

Cybersecurity Dive's Eric Geller: And I'm Eric Geller with Cybersecurity Dive.

Wright: And we are here to talk about RSAC Conference 2026. Yes, RSAC, which happened last week. You both were there on the ground in San Francisco. I was covering it from afar. I have my own thoughts on this, but wanted to see what you thought of the show last week, what you heard, and how it stacked up against the theme of the conference, which stood out to all three of us. Alissa, why don't you take it away?

Irei: Sure. The theme of the conference was community, which was an interesting and pointed choice because the acronym on everyone's lips at the conference and in general is AI. The choice to underscore the importance of community seemed intentional. It emphasized the importance of human operators and human involvement in AI processes. There's anxiety, not just in our field but in every field, about job replacement and AI use. The organizers were making the point that we still need humans. Artificial intelligence is not intelligent without human operators, and for the safety of ourselves and others, humans need to be involved in these processes. Eric, what was your impression of the conference on the ground versus the theme?

Geller: Everywhere you looked, there was a focus on AI, particularly understanding the threat landscape and trying to get ahead of it with new defensive solutions. That was a common theme in many sessions, even if they weren't explicitly billed as AI talks. For me, the big theme was the tagline on all the posters, "The Power of Community." However, a major part of the community was missing -- the federal government, which pulled out of the conference a few weeks before it began. Every year, government representatives attend to listen to the community and discuss their own plans. This is one of the places where those conversations are the most fruitful, according to many people I spoke to before and during the conference.

There's anxiety about what this absence means. It raises questions about whether the government is as interested in participating in these events as it used to be. There have been cuts at agencies that work closely with the business community and security researchers who make up much of the attendance at RSAC and similar events. This absence was a striking contradiction to the emphasis on community. Many people wondered whether it sends a broader signal. We're looking for more information from the government about the cybersecurity strategy they recently released. Many felt RSAC would have been the perfect place to roll out details about what the strategy means in practice. That didn't happen, leaving a void in conversations typically stewarded by federal agencies.

Wright: That's interesting. My colleague Becky Bracken at Dark Reading wrote about how other governments, such as those in the EU, brought their cybersecurity experts to discuss developments in their regions. However, the gap left by the US government was noticeable. I wrote a story a few weeks ago about spyware policies and a potential shift in US policy. Many opponents of spyware, including civil society organizations, cybersecurity researchers and vendors specializing in this area, expressed concern about a lack of communication and cooperation with the government. They felt they were flying blind, with no clear strategy or direction. Eric, to your point, this absence has made a major impact.

Irei: It's an interesting moment of unprecedented change. Ideally, this would be a time for public-private partnerships, cooperation and input from the private sector on public regulations and legislation. The absence of the federal government is notable and unlikely to ease anyone's anxieties about AI, which are already plentiful.

Wright: My anxiety is off the charts. Let's talk about AI. Managing all the stories coming in and covering sessions, it was clear that AI was a major focus at the show. More than two-thirds of the sessions had some AI component or were solely focused on AI. One thing I found interesting was the split between C-level executives and researchers. Researchers emphasized the need for human oversight and caution with agentic AI rollouts and coding assistants. They called for more guardrails and oversight. On the other hand, some higher-ups argued that human oversight should be eliminated because it slows things down, and the whole point of AI is to speed things up. What were you seeing or hearing?

Irei: On the business side, there's enthusiasm for new AI use cases and experimentation, often with a "ask for forgiveness, not permission" attitude. And at least from what I saw and heard, this creates opportunities for bad outcomes. Eric, I think you wrote about a session discussing vulnerabilities introduced by vibe coding and the lack of oversight. It's troubling, to say the least. On the flip side, I attended a session with the CISO of Exabeam, who shared an example of agentic AI deployed in their SOC. It autonomously identified a North Korean malicious insider on his first day. According to the CISO, the AI flagged the activity within hours, if not minutes, of the individual logging into his account. Eric, I'll let you weigh in. I know you wrote about this topic.

Wright: That's a good point.

Geller: One of the quotes that stood out to me in that panel I covered was a guy who basically said, "If AI wrote your Yarrow rules, you should delete them now because they're probably crap." And it really speaks to this hunger for automation. And also, I think this hunger for, frankly, profit margins. The fewer people you can pay to do this work, the more money you're going to make, the better you're going to look to shareholders, the more venture funding you can raise. This is really only partly about security. It's largely about looking profitable by shedding some of that labor cost.

Of course, we've seen what happens when you let the AI run rampant. It miscategorizes things. It could cost you a lot of money if you let it do its thing without human supervision. The theme that emerged in a lot of these talks that focused on AI was not so much a balancing act, but kind of both at the same time. Yes, you want some kind of agentic solution taking those mundane tasks off the plate of your specialized expert human, but you also want some kind of governance framework in place so that there's a human periodically dropping in to review what's going on.

If you've got an AI agent that is out of control, you'll see the signs of that when you drop in and check on what it's doing. If it's mismanaging things, if it's mislabeling things, you're going to see evidence of that. And so I think that's where a lot of the conversations ended up: yes, there's a real reason why, especially SOC managers, are looking for ways to change the role of the analyst and bring AI more into the threat analysis part of the job. But at the same time, just as you need human supervisors for human workers, you're going to need human supervisors for AI workers because nothing human or machine is infallible.

Particularly at the scale at which some of these companies operate, the stakes involved in protecting the networks or leaving them defenseless are high. We're talking about a lot of money that can be made or lost, and so you do want a human being involved checking the work of the AI agent.

Wright: Yeah, and that makes sense to me. I know one of the sessions I covered last week, one of the stories I wrote, was from a Check Point session. The researchers basically said that we spent 20 years building up all these security measures to protect our networks, shore up defenses around the endpoint and move execution to the cloud where it's theoretically, or I guess in practice, a lot of times safer.

The AI coding assistants were basically punching holes through these defenses and setting security back. Literally, they said it was setting security back a decade because now it was giving attackers a route from their endpoint -- from an employee's endpoint -- to the crown jewels, to development environments, to really important data. That didn't used to be the case. All this work that was being done for the last 10 to 20 years is now just being thrown away.

The thing that shocked them was how many companies were rushing to these tools without any acknowledgment that, even without a vulnerability, even if you're not exploiting a critical flaw, you're still creating a tunnel from a simple workstation that's probably underprotected to some really important parts of the network that are highly privileged.

They were surprised that people were just going full steam ahead with this stuff and not taking a beat to say, "Hey, is this the best idea? Do we need to do more to protect this? Do we need to do more to oversee what the agents are doing and the privileges we're giving to these coding tools?"

I was surprised myself to hear their surprise. Based on what I was seeing and hearing at the show, I don't think that's going to change anytime soon. Even with all the research out there about the various vulnerabilities and the expanding attack surface that AI introduces, it doesn't seem like many organizations or people are going to suddenly say, "We need to take a step back." If anything, it feels like pressure is continually mounting to make the most of your investment in AI and, like Eric said, shed costs, save money and reduce workforces. That was the concerning thing for me -- just seeing that split and that dichotomy.

Irei: It's tricky too because we talk a lot on SearchSecurity about participating in the discourse around security culture and the importance of security being a business enabler -- not being the department of "no" -- and aligning yourself with business objectives.

Wright: Hmm.

Irei: Which is all true and important. On the other hand, the culture does seem, to your point, Rob, like it's going in that direction of full steam ahead. Don't ask questions. Don't say anything that's going to slow down the road to profits generated from AI.

Wright: Yeah.

Irei: Yeah, it's distressing, I guess.

Wright: Any closing thoughts from the show? Takeaways, surprises, anything that stuck out to you other than the stuff we've already talked about?

Geller: Well, I'll offer one that's sort of related to AI, which is about the CVE program. We've really been hearing a lot of warnings about this program for almost a year. I think it was April of last year when they almost lost their government funding. In the year since then, people have been saying that this is not sustainable.

People have been working in Europe to create alternatives to the CVE program. There are at least two of them in operation right now, one of them run by the European Union. In addition to the precariousness of not having a guaranteed government funding source, there's also the other problem battering this program right now: AI.

The vulnerability reports are coming in faster than they can handle. A person on the panel about CVE from GitHub said the numbers -- the incredible volume of vulnerability reports submitted through their system -- are staggering. A lot of them are coming from AI agents looking for vulnerabilities. Many are low quality, and many are hallucinating vulnerabilities where none exist.

That is an incredible amount of work to sort through. For a program already struggling to classify and label these vulnerabilities just to get them in and out the door and give them a number, AI is making it even harder. It's a tidal wave of reports, most of which are garbage. This is not what this program needed at this moment, but it is a trend that is only going to accelerate.

I think about the AI agent that jumped to the top of the HackerOne tables last year in terms of reporting the most vulnerabilities. We're not putting that genie back in the bottle. What that means for the CVE program, which is really at the bedrock of everything in cyberdefense, is something I'll be watching very closely.

Irei: Yep.

Wright: All right. I bet the AI companies love this because they're probably going to say, "Well, they're going to need AI to decipher all the AI slop that's coming in and sift through it all to find the good stuff."

Irei: That makes me think, Rob, about an informal conversation I had with Diana Kelly, the CISO at Noma Security. She gave a talk on model collapse and the inevitability of AI consuming its own content. The theme of the talk was "Idiocracy," the movie. If the models keep consuming their own content, at some point, we all become very, very stupid.

That brings us back to the theme of community and the importance of human contributions and intelligence. I'll also add, to be the voice of optimism here, that there were moments in the conference -- like the CISO from Exabeam's talk I mentioned earlier -- where there are exciting examples of AI doing what it's supposed to in the SOC.

We know SOC analysts are overworked and overstressed. If these AI agents can alleviate some of that burden, sift through the noise and bubble up actionable items, that would be awesome. Is it the end of the world as we know it or a new level of nirvana in the SOC? Probably somewhere in between would be my guess.

Wright: I'll try to be optimistic. I like ending on an optimistic note, so we'll leave it there. The power of community and positive thinking about AI and its future applications for cybersecurity.

Irei: The power of community.

Wright: Yeah, there we go. Thanks so much, guys. Really appreciate it.

+ Show Transcript