惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

爱范儿
爱范儿
P
Palo Alto Networks Blog
月光博客
月光博客
H
Hackread – Cybersecurity News, Data Breaches, AI and More
I
InfoQ
aimingoo的专栏
aimingoo的专栏
腾讯CDC
T
Threatpost
D
DataBreaches.Net
Vercel News
Vercel News
F
Fortinet All Blogs
Engineering at Meta
Engineering at Meta
C
Cybersecurity and Infrastructure Security Agency CISA
Forbes - Security
Forbes - Security
U
Unit 42
C
Check Point Blog
Blog — PlanetScale
Blog — PlanetScale
O
OpenAI News
量子位
TaoSecurity Blog
TaoSecurity Blog
Microsoft Azure Blog
Microsoft Azure Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
V
Visual Studio Blog
Recorded Future
Recorded Future
云风的 BLOG
云风的 BLOG
Security Archives - TechRepublic
Security Archives - TechRepublic
The Last Watchdog
The Last Watchdog
S
Security Affairs
Attack and Defense Labs
Attack and Defense Labs
罗磊的独立博客
Stack Overflow Blog
Stack Overflow Blog
Microsoft Security Blog
Microsoft Security Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
V
V2EX
小众软件
小众软件
S
SegmentFault 最新的问题
www.infosecurity-magazine.com
www.infosecurity-magazine.com
W
WeLiveSecurity
AI
AI
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
博客园 - 聂微东
I
Intezer
Know Your Adversary
Know Your Adversary
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
P
Proofpoint News Feed
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
The Cloudflare Blog
博客园_首页
NISL@THU
NISL@THU
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO

Cybersecurity Dive - Latest News

Dozens of Red Hat npm packages targeted in supply chain attack Turning tension into collaboration: How CIOs and CISOs can lead together Trump signs EO seeking early government access to powerful AI models Anthropic shares Mythos with 150 more organizations, including critical infrastructure operators Without strong governance, companies put credit ratings at risk in AI era CISA adds critical Palo Alto Networks firewall flaw to KEV as company, researchers warn of exploitation How Canva scaled to 260+M users while elevating security and productivity Top 4 data security best practices for the AI-enabled enterprise CISA urges security teams to check for software development compromises How CISOs can manage sovereign-cloud security risks IBM’s new $5B initiative will help enterprises rapidly patch open-source vulnerabilities Enterprise data is creeping its way into shadow AI tools Coordinated operation takes down Glassworm botnet Leading AI models are more vulnerable to malicious prompts than vendors claim Iranian government, not hacktivist group, breached LA Metro system, security firm says FBI warns about PhaaS platform used to access Microsoft 365 environments Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages New York regulator calls for additional cyber mitigation amid heightened threat environment CISA asks cybersecurity community to alert it to vulnerability exploitation Grafana Labs links GitHub environment breach to TanStack npm supply chain attack 7-Eleven hit by data breach Microsoft disrupts cybercrime operation that hid behind legitimate software Compromised coding tool helped hackers breach thousands of GitHub repositories Telecom sector launches its own private ISAC Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN Grafana Labs says hacker gained access to codebase through leaked token How a government contest launched a revolution in AI-based bug hunting Attackers exploit critical flaw in Cisco Catalyst SD-WAN Controller MSPs need AI to fight AI-fueled cyberthreats: Guardz More money is going to physical security, but it’s often CISOs that oversee it: EY Frontier AI models reap rapid discovery of security vulnerabilities West Pharmaceutical starts restoring operations after ransomware attack Foxconn confirms cyberattack affecting some North American facilities OpenAI launches Daybreak to combat cyber threats Canvas owner reaches ‘agreement’ with threat actors after data breach Guardrail Technologies launches Traffic Light for Code & AI™; first security technology to verify & secure AI code and the people creating it Identity takes center stage as a leading factor in enterprise cyberattacks Second Canvas data breach causes major disruptions for schools, colleges AI used to develop working zero-day exploit, researchers warn New cybersecurity industry alliance aims to lead US critical infrastructure protection Identity is the new perimeter as rapid NHI proliferation threatens visibility and control Instructure confirms cybersecurity incident Anthropic’s Claude used in attempted compromise of Mexican water utility Businesses hide vast majority of ransomware attacks, report finds Palo Alto Networks warns state-linked cluster behind zero-day exploitation Businesses eager but unprepared for AI to transform their security strategies Iran-sponsored threat group behind false flag social engineering campaign NIST will test three major tech firms’ frontier AI models for cybersecurity risks Trellix investigating breach of source code repository CISA urges critical infrastructure firms to ‘fortify’ before it’s too late Critical vulnerability in cPanel leads to widespread exploitation New MOVEit vulnerabilities prompt urgent patch warning How OpenClaw’s agent skills become an attack surface White House questions tech industry on defensive AI use, cybersecurity resilience As email phishing evolves, malicious attachments decline and QR codes surge US and allies urge ‘careful adoption’ of AI agents PwC partners with Google Cloud to take on the managed security market US agencies promote zero-trust practices for operational technology networks CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog State CISOs losing confidence in ability to manage cyber risks ‘Fundamental tension’ undermines manufacturers’ cybersecurity North Korea-linked actor targets Web3 execs in social-engineering campaign US, UK authorities warn that Firestarter backdoor malware survives patching Major critical infrastructure supplier reports cyberattack When security becomes the attack surface: Why endpoint protection must evolve Hasbro expects March cyberattack to impact second-quarter revenue AI-written software creates hassles for wary security teams Iran-nexus threat groups refine attacks against critical infrastructure China disguises cyberattacks with ‘covert network’ botnets, US and allies warn Trump’s CISA director pick withdraws after tumultuous nomination Phishing — sometimes with AI’s help — topped initial-access methods in Q1, Cisco says Microsoft SharePoint vulnerability widely exposed across multiple countries CISA urges security teams to view environments following axios compromise Big banks seek to ease security worries as AI push accelerates CISA confirms exploitation of 3 more Cisco networking device vulnerabilities Stellantis teams with Microsoft to strengthen digital capabilities Vulnerability exploitation surges often precede disclosure, offering possible early warnings Vercel systems targeted after third-party tool compromised Beyond IT: Cybersecurity is a strategic business risk TP-Link routers face exploitation attempt linked to high-severity flaw US joins nearly two dozen other countries in striking back against DDoS-for-hire platforms CIOs fret over rising security concerns amid AI adoption CISA cancels prestigious summer internships, citing government shutdown NIST limits vulnerability analysis as CVE backlog swells Medium-severity flaw in Microsoft SharePoint exploited FCC exempts Netgear from foreign router ban FCC signals continued commitment to Cyber Trust Mark program Brute-force cyberattacks originating in Middle East surge in Q1 CISOs see gaps in their incident response playbooks US, Indonesia shut down ‘sophisticated’ phishing kit Nearly 4K industrial control devices vulnerable to Iran-linked hacking campaign Stryker warns of earnings fallout from March cyberattack NERC is ‘actively monitoring the grid’ following Iran-linked cyber threat CISA adds second critical flaw in Ivanti EPMM to exploited vulnerabilities catalog US operation evicts Russia from hacked SOHO routers used to breach critical infrastructure Iran-linked hackers target water, energy in US, FBI and CISA warn React2Shell vulnerability helps hackers steal credentials, AI platform keys and other sensitive data Olympic Games, FIFA World Cup offer huge platforms, rich cyberattack surface Threat cluster launches extortion campaign using social engineering CISA’s vulnerability scans, field support on chopping block in Trump budget
AI and an absent government: Takeaways from RSAC 2026
Eric Geller · 2026-05-12 · via Cybersecurity Dive - Latest News

The annual RSAC Conference in San Francisco is a great opportunity to gauge what the cybersecurity community cares about — and what it worries about. This year, the biggest theme at the conference couldn’t have been clearer: everyone wants to know how to use, and protect themselves from, artificial intelligence.

As part of our monthly Reporters’ Notebook video series, Eric Geller, senior reporter at Cybersecurity Dive, sat down with Rob Wright, news director at Dark Reading, and Alissa Irei, senior site editor at TechTarget SearchSecurity, to discuss the biggest trends on stage and in the hallways at RSAC.

AI has been a ubiquitous presence at RSAC for the past several years, but as businesses’ AI considerations have matured, the conversations at the conference have also advanced. This year, the talk at RSAC was about the trade-offs of agentic AI solutions, the regulatory environment in the U.S. and abroad and the future of security work in an increasingly automated world.

Given the many repetitive tasks involved in running a security operations center, some security executives are bullish on AI’s potential to speed up and increase the quality of their teams’ work. AI agents can analyze and generate reports on reams of data without ever getting tired, freeing up human employees to perform more nuanced and complicated tasks. Research shows that companies are racing ahead with testing and implementing AI agents in their workflows.

At the same time, AI poses many serious cybersecurity threats. The technology is helping automate ransomware attacks, speed up lateral movement and understand targets’ vulnerabilities. AI tools themselves have flaws that can expose businesses to intrusions, and AI agents are susceptible to hijacking attacks that could lead to data theft or business disruptions.

AI’s impact on the workforce also remains uncertain. Some corporate leaders are optimistic about shrinking salary budgets, while others have a hard time imagining AI agents replacing humans on complex projects, and still others are struggling to hire experienced workers in the current environment.

In addition to AI, another theme pervaded this year’s RSAC Conference: the U.S. government’s absence. For political reasons, the Trump administration blocked several agencies from attending the conference, including the Cybersecurity and Infrastructure Security Agency, whose officials ended up being unable to attend anyway because of the partial government shutdown. The administration’s abrupt withdrawal from RSAC highlighted its pattern of disinvestment in cybersecurity, a trend that has strained relationships between federal agencies and their domestic and international partners.

Dark Reading’s Rob Wright: Hi, I’m Rob Wright with Dark Reading.

TechTarget SearchSecurity’s Alissa Irei: I’m Alissa Irei with Search Security.

Cybersecurity Dive’s Eric Geller: And I’m Eric Geller with Cybersecurity Dive.

DR’s Rob Wright: And we are here to talk about RSAC conference 2026, which happened last week. You guys were there on the ground in San Francisco. I was covering it from afar and I have my own thoughts on this, but wanted to see what you guys thought of the show last week, what you heard, and how it sort of stacked up against the, I guess the message of the show, the theme going into last week at San Francisco, which I think stood out to all three of us. Alissa, why don’t you take it away?

TTSS’s Alissa Irei: Sure. So, the theme of the conference was community, which was an interesting, and it seems maybe pointed choice, because obviously the acronym on everyone’s lips at the conference and in general is AI. So, I think that the choice to underscore the importance of community was intentional. The importance of human operators and human in the loop or human on the loop. And that I think there’s anxiety, you know, not just in our field, but in every, in every field about job replacement and AI use. So, the organizers at the conference, at least, were, I think, making the point that we still need humans. Artificial intelligence is not intelligent without human operators and that for the safety of ourselves and others, we do need humans involved in these processes. Eric, what was your impression of the conference on the ground versus the theme?

CD’s Eric Geller: Well, obviously, everywhere you look there was that focus on AI and particularly looking for understanding of the threats landscape, but also trying to get ahead of it with new defensive solutions. That was the common theme in a lot of the sessions, even if they weren’t billed as AI talks. But for my money, I think that the big theme that I was noticing was the tagline on all the posters did say, as you said, the power of community, but there was a big part of the community missing, which was the federal government, which pulled out of the conference a few weeks before it began. And of course, every year there’s a lot of people from the government who come, and both listen to what the community has to say and discuss their own plans. This is one of the places where those conversations are the most fruitful, according to a lot of folks I spoke to both before and during the conference, you know, there’s some anxiety about what that means that the government may not be as interested in participating in these kinds of events as it used to be. Of course, there have been a lot of cuts at the agencies that work closely with the business community and the security researchers who really make up a lot of the attendance of both RSA and a lot of the other conferences that we cover. So, I think that was a striking contradiction that a lot of folks saw.

On the one hand, the emphasis on community, the other hand, a major part of the community choosing not to participate for reasons really unrelated to the show itself. Now, that’s probably a one-off. I think we’re going to see them back at future shows, potentially even back at RSAC next year. At least in this case, you have a lot of people wondering whether it sends a broader signal. And of course, we’re looking for more information right now from the government about the cybersecurity strategy that they just put out.

Many folks said to me, RSAC would have been a perfect place to kind of roll out the information about what that means in practice. And of course, that was that did not happen. So, there were a lot of hallway conversations about the fact that there is this big void that’s being left by some of the federal agencies that normally would be participating and even stewarding some of these conversations.

DR’s Rob Wright: Yeah, that’s interesting. I know that my colleague Becky Bracken at Dark Reading had a story about how that. You know there were other governments, other nations that had brought their cybersecurity experts over to, you know, from the EU to discuss some of the things that were going on in their neck of the woods, but the gap was definitely noticeable. I wrote a story a few weeks ago about spyware, spyware policy — sort of a potential shift in the policy here in the US and how a lot of the spyware opponents that worked for the different civil society organizations, cybersecurity researchers, vendors that sort of specialized in this stuff were very fearful that there was a shift taking place in the US government in terms of policy. And they noted the same thing — there was a lack of communication. There was a lack of, I guess, people that were still in government working on this and communicating “All right, here’s the strategy. Here'’s what's going on and this is the direction we're going in.” And they’re sort of that — one person told me they were just sort of flying blind that there wasn’t any sort of communication or cooperation with the government at this stage and they were kind of lost at sea. A lot of people had left their positions in different agencies and so they’re just kind of winging it now hoping for the best, but not really sure. So, Eric, to your point, I think it is, it’s made a major impact.

TTSS’s Alissa Irei: It's an interesting moment too to have, I feel like it’s a moment of sort of unprecedented — I mean, to state the obvious unprecedented change — and it,s a moment that in a perfect world would see a lot of public private partnerships and cooperation and input from the private sector on public regulations and legislation. So, it is a notable absence and I think one that’s unlikely to see anyone’s anxieties about AI, which are plentiful regardless of what the federal government is or isn’t doing.

DR’s Rob Wright: Yeah, yeah, my anxiety. I’ll just tell you guys what it’s like up here. It’s actually off camera, so it’s like way above my —

TTSS’s Alissa Irei: Out of frame.

DR’s Rob Wright: Yeah, it’s out of frame. But yeah, let’s talk about AI. I mean, I know from, just managing like all of the stories that were coming in and looking at all the sessions and covering my own sessions that is just like every other one, probably more than probably two-thirds of the sessions were, had some type of AI component to them or were solely focused on AI. Obviously a big focus at the show. The one thing I thought was pretty interesting from my perspective as an outsider and just talking to people leading up to the show and then also people that were there last week as well was that there seemed to be a bit of a split. Maybe not a bit of maybe that’s being too gentle and too kind, but a split between, I guess, the C-level folks and the higher-ups in terms of what they thought of AI and what the researchers were seeing at the ground level in terms of you had a lot of researchers saying we need more human oversight. We need to be careful with agentic AI rollout. We need to be careful with vibe coding, coding assistance, all this stuff, and we just need more guard rails and more oversight. And then you had a lot of people. I mean, there was one person in particular, whose name I do not recall, but spoke at one of the sessions and said that human oversight — we need to get rid of it because it’s going to slow things down. And the whole point of AI is to speed things up. What were you guys seeing there or hearing?

TTSS’s Alissa Irei: It seems like on the business side, there’s so much enthusiasm for new AI use cases and experimentation and asking for forgiveness, not permission. And, at least from what I saw and heard, that creates a lot of opportunity for bad things to happen. I think Eric, I think you wrote a piece about a session, talking about the vulnerabilities that vibe coding introduces and, just the lack of oversight. So, it seems troubling, to say the least. On the flip side, I think to your point, Rob, about the C-level. I did go to a session with the CISO of Exabeam, who spoke about how the agentic AI that they’ve deployed in their SOC autonomously and independently found a North Korean malicious insider that they had hired. It was his first day. And according to him, the agentic AI flagged this person’s activity within hours, if not minutes of logging into his account for the first time. So, I think there are exciting examples of it working. How consistently it is working is unclear to me and then how we'’e going to manage these enormous vulnerabilities that it's introducing is terrifying, I think to a lot of us, Eric, I’ll let you weigh in. I know you, you wrote about this topic.

CD’s Eric Geller: Yeah, one of the quotes that stood out to me in that panel I covered was a guy who basically said, “If AI wrote your YARA rules, you should just delete them now because they’re probably crap.” And it really speaks to this hunger for automation. And also I think this hunger for frankly, profit margins. The fewer people you can pay to do this work, the more money you’re going to make, the better you’re going to look to shareholders, the more venture funding you can raise. This is really only partly about security. It’s largely about looking profitable by shedding some of that labor cost. And of course, we’ve seen what happens when you let the AI run rampant, it miscategorizes things. It can cost you a lot of money if you let it do its thing without human supervision. And I think the theme that emerged in a lot of these talks that focused on AI was not so much a balancing act, but kind of both at the same time. Yes, you want some kind of a genetic solution, taking those mundane tasks off the plate of your specialized expert human. But you also want some kind of governance framework in place so that there’s a human periodically dropping in to review what’s going on. And if you’ve got an agent, an AI agent that is out of control, you’ll see the signs of that when you drop in and check on what it’s doing. If it’s mismanaging things, if it’s mislabeling things, you’re going to see evidence of that. And so I think that’s where a lot of the conversations ended up was, yes, there’s a real reason why especially stock managers are looking for ways to kind of change the role of the analyst and bring AI more into the threat analysis part of the job. But at the same time, just as you need human supervisors for human workers, you’re going to need human supervisors for AI workers, because nothing human or machine is infallible. And particularly the scale at which some of these companies operate, the stakes involved in protecting the networks or leaving them defenseless. We’re talking about a lot of money that can be made or lost. And so you do want a human being involved checking the work of the AI agent.

DR’s Rob Wright: Yeah, and that makes sense to me. I know the session that I, one of the sessions that I covered last week, one of the stories I wrote, it was from a Checkpoint session and the researchers basically said that, you know, we spent 20 years building up all these security measures to protect, you know, our networks and shore up defenses around the endpoint and move execution to the cloud where it's theoretically, or I guess in practice a lot of times safer, and the AI coding assistance were basically punching holes through these defenses and setting security back. I mean, literally they said setting security back a decade because now it was giving attackers a route from their endpoint, you know, from employees endpoint to the crown jewels, to development environments, to really important data. And that didn't used to be the case. And so, all this work that was being done for the last 10, 20 years is now just being thrown away. And the thing that I think they thought was shocking about all of this was just how many companies were rushing to these tools without any sort of acknowledgement that even without a vulnerability, even if you're not exploiting a flaw, like a critical flaw, you’re still, you’ve created a tunnel from like just a simple workstation that’s probably under-protected still to this day to, you know, some really important parts of the network that are highly privileged. And they were they were pretty surprised that people were just kind of like full steam ahead to this stuff and not taking a beat to say, Hey, is this the best idea? Do we need to do more to protect the stuff? Do we need to do more to oversee what the agents are doing and the privileges that we’re giving to these vibe coding tools? And I think that that was something that surprised them. And then I was surprised myself to hear their surprise that they just saw this sort of cavalier attitude going into it. And I don't know — based on what I was seeing at the show and hearing at the show, I don’t think that's going to change anytime soon, even with all the research that's out there about the various vulnerabilities and the various threats and the expanding attack surface that AI introduces. It doesn't seem to me like very many organizations or very many people are going to suddenly say, “Well, we need to take a step back. We need to slow down with this.” If anything, it feels like pressure is continually mounting to make the most of your investment in AI. Like Eric, to your point, shed cost, you know, like save money and reduce workforces. So that was the concerning thing for me was just seeing that that split and that that guess dichotomy.

TTSS’s Alissa Irei: It’s tricky too, because we talk a lot about on SearchSecurity. We participate a lot in the discourse around security culture and the importance of security being a business enabler and not being the Department of No, and aligning yourself with the business objectives, which is all true and important. On the other hand, the culture does seem, to your point Rob, like it’s going in that direction of full steam ahead. Don’t ask questions. Don’t say anything that’s going to slow down the road to profits generated from AI.

DR’s Rob Wright: Yeah. It’s distressing. I guess any closing thoughts from the show, takeaways, surprises, anything that stuck out to you other than the stuff we've already talked about?

CD’s Eric Geller: Well, I’ll offer one that's sort of related to AI, which is about the CVE program. We’ve really been hearing a lot of warnings about this program for almost a year. I don’t remember when last year. I think it was April of last year when they almost lost their government funding. In the year since then, people have been saying that this is not sustainable. People have been actually working in Europe to create alternatives to the CVE program. There are at least two of them in operation right now, one of them run by the European Union. And in addition, of course, to the precariousness of not having a guaranteed government funding source, there’s also the other problem that is really kind of battering this program right now, which is AI, because the vulnerability reports are coming in faster than they can handle. You know, there was a person speaking on the panel about CVE from GitHub who said that, I mean, that the numbers, just the incredible volume of VONE reports that are submitted through their system, and a lot of them are coming from AI agents that are out there looking for vulnerabilities. A lot of them are low quality. A lot of them are basically hallucinating vulnerabilities where none exist. That is an incredible amount of work to sort through. And for a program that was already struggling to classify and label these vulnerabilities just to get them in and out the door and give them a number, now you have AI making it even harder to deal with this because it’s really a tidal wave of reports, most of which are garbage.

This is not what this program needed at this moment if you ask the folks involved, but it is a trend that is only going to accelerate. I think about the AI agent that jumped to the top of the Hacker One tables last year in terms of reporting the most vulnerabilities. We’re not putting that genie back in the bottle. What that means for the CVE program, which is really at the bedrock of everything that everybody does in cyber defense, just having that CVE number. What that does to the program in the near future is something that I'll be watching very closely.

DR’s Rob Wright: I bet the AI companies love this because they’re probably going to say, “Well, you’re going to need AI to decipher all the AI slop that’s coming in and, you know, sort through it all and find the good stuff and not have the humans do it.

TTSS’s Alissa Irei: That actually makes me think about an informal conversation I had with Diana Kelly, who’s the CISO at Noma Security. She gave a session, she gave a talk on model collapse and the inevitability of, I think the theme of the talk was Idiocracy, the movie. If the models keep consuming their own content, then at some point, you know, we all become very, very stupid. Which brings us back to that theme of community and the importance of human contributions and human intelligence. I’ll also add — I’ll be the voice of optimism here — that there were moments in the conference, like for example, the CISO from Exabeam’s talk that I mentioned earlier, where I think there are some exciting examples of AI doing what it’s supposed to in the SOC. And we know that SOC analysts are overworked and overstressed and that if these AI agents can alleviate some of that burden and can sift through some of that noise and bubble up the ones that are actually actionable. That would be awesome. So, is it the end of the world as we know it is coming or a new level of nirvana in the SOC? Probably somewhere in between would be my guess.

DR’s Rob Wright: I'll try to be optimistic. I like ending on an optimistic note, so we’ll leave it there.

TTSS’s Alissa Irei: The power of community.

DR’s Rob Wright: The power of community and the power of positive thinking about AI and its future applications for cybersecurity.

TTSS’s Alissa Irei: There we go.

DR’s Rob Wright: Yeah, there we go. Thanks so much, guys. Really appreciate it.