Many Voices. One Community: Key Takeaways from 2025’s RSA Conference
From the desk of Ali Zadeh
The RSA Conference 2025 wrapped up last month in San Francisco, once again proving why it’s the most important cybersecurity event of the year.
For professionals across industries, the RSA Conference offers a chance to learn, connect, and prepare for the next wave of cyber risks. Whether you’re protecting internal systems or overseeing security across a portfolio, RSAC delivers critical insights into the strategies, tools, and threats shaping the future of digital defense.
This year’s theme, “Many Voices. One Community.”, underscored the need for collaboration across organizations, industries, and geographies. From public-private partnerships to cross-functional teams, the message was clear: cybersecurity is a shared responsibility. Sessions and keynotes focused on how unity, diversity of thought, and shared intelligence are essential to counter increasingly sophisticated threats.
Key takeaways:
At RSA Conference 2025, artificial intelligence took center stage, playing three essential roles in cybersecurity: defender, target, and weapon. As a defender, AI enables advanced threat detection and automated incident handling—demonstrated by CrowdStrike’s upgraded Charlotte AI and SentinelOne’s Purple AI Athena.
As a target, autonomous AI systems now need protection themselves. Recent examples underscore this risk: DeepSeek suffered a large-scale backend cyberattack and cloud data leak; Google’s Gemini faced prompt injection attacks that allowed attackers to manipulate outputs and extract sensitive information.
Meanwhile, AI is also a powerful weapon in the hands of attackers, used to craft convincing phishing, deepfakes, and exploit campaigns. This shifting landscape is prompting firms to embed AI-driven protection into their solutions.
Another dominant theme was identity as the new perimeter.
With cloud-first architectures, hybrid work, and SaaS sprawl, the enterprise perimeter has disappeared. What remains is mostly identity as the core control surface. This means that security now centers on verifying users and devices, not just protecting the network. With cloud apps and remote work, traditional firewalls and protections aren’t enough. Strong identity controls beyond MFA- like device trust, and conditional access—ensure only authorized users on secure devices can access data from anywhere, replacing the old notion of a fixed network boundary.
Collaboration and data sharing also took the spotlight. No organization can defend alone. Security leaders emphasized the importance of trusted relationships, shared threat intelligence, and collective defense. Whether it’s mitigating supply chain risk or managing shared cloud environments, collaboration is no longer optional—unity and community are security imperatives.
At RSA 2025, Agentic AI emerged as another major focus, highlighting a shift toward autonomous systems that can act independently scheduling tasks, writing code, analyzing data, and making decisions without human oversight.
While these AI agents promise greater efficiency and scalability, they also introduce significant security concerns. Each agent becomes a potential attack surface, capable of accessing sensitive data and systems. As a result, cybersecurity leaders emphasized the need for robust identity, governance, and monitoring tools to ensure these digital actors are secure, accountable, and aligned with enterprise policies.
Finally, RSA 2025 marked a strong pivot toward platformization. The days of cobbling together point solutions are over. Organizations are seeking comprehensive, integrated platforms with a clear product vision and long-term support. The emphasis is on choosing partners that can scale, adapt, and consolidate tools without chasing trends or hype.