At RSAC 2026, ESET are tracking an evolving landscape where ransomware affiliates are growing more agile, nation-state actors continue to target critical infrastructure, and the rise of agentic AI is introducing entirely new categories of risk.
Supply chain attacks dominated 2024 and show no signs of slowing down. CrowdStrike, CDK, Change Healthcare, JLR, and Marks and Spencer were all classified as catastrophic or major incidents by the insurance industry, and all were supply chain attacks.
But as ESET’s Tony Anscombe argues, organizations are still thinking about supply chain risk too narrowly, focusing only on their own inbound cyber dependencies while ignoring how an attack in the center of a supply chain can cascade in both directions.
Expert Insights spoke to Jean-Ian Boutin, ESET’s Head of Threat Research, and Tony Anscombe, Chief Security Evangelist, at RSAC 2026 to discuss the key threats on their radar, why EDR killers are keeping CISOs up at night, how supply chain risk is broader than most organizations realize, and why the rush to deploy AI agents without governance could be the next major security crisis.
Q. What are the main takeaways from the e-crime and threat research that ESET is talking about at RSAC this year?
Jean-Ian Boutin:
We’ve been tracking APT threat actors for many years, and offering intelligence around these e-crime parameters for many years. At RSAC, we’ve launched standalone eCrime Reports as part of our Threat Intelligence portfolio where we have a team dedicated to tracking the same ransomware threat actors.
The idea is to really focus on how the affiliate system works. So that people are protecting the networks and understanding all the affiliates, what ransomware families they’re using, but also how they are breaching networks, so that people can read about these specific groups, read which sectors are targeted, and then apply some of the intelligence as protection.
Last week, ESET published their EDR killer blog which provided a deep dive into these modern ransomware operations. Each ransomware gang and each affiliate is actually using these tools because EDR is now very efficient at protecting endpoints against ransomware attacks.
They’re trying to kill EDR right before the launch of the ransomware attack. And we are trying to cluster these tools, as well as how different affiliates use them, so that threat researchers can understand what the tool is and what it might mean.
And also, the fact that they’re using legitimate drivers to enable them to have code which is executed in the kernel space. And how these drivers are going to actually kill these processes which are typically protected. And how these drivers are going to pass the actual certifications, because sometimes they have legitimate use. So, we’re kind of trying to raise awareness.
Q. I was just at a panel where the CISO at Nationwide Bank said that EDR killers and EDR bypass are right up there as one of the top threats keeping them up at night. Why are these threats taken so seriously?
Tony Anscombe:
For somebody like Nationwide Bank, that will be specifically very devastating. If somebody can actually unlock your vault, so to speak, and allow anybody to walk in, that’s why the EDR killer is right on top of their list. But stopping an EDR killer is about having layered protection. There are different ways to detect somebody trying to deploy an EDR killer.
So, I don’t think it should be a worry if they’ve got the right security architecture. They should be less worried. There are many, many steps that could be detected before deploying a particular payload. You have a lot of detection opportunities.
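The load-a-signed-driver-then-kill-the-agent sequence described in the two answers above is exactly the kind of pattern a layered detection can correlate. The following is an added Python example, not ESET’s code or research tooling; the driver hashes, paths, process names and sample telemetry are constructed placeholders, and a real deployment would feed it endpoint driver-load and process-termination events plus a curated list of known-abusable signed drivers.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed placeholders, not real indicators: a curated list of signed-but-abusable
# drivers and the real EDR process names would go here in a deployment.
ABUSABLE_DRIVER_HASHES = {"PLACEHOLDER_SHA256_ABUSABLE_DRIVER"}
PROTECTED_PROCESSES = {"edr_agent.exe", "edr_service.exe"}
USER_WRITABLE_PREFIXES = ("c:\\users\\", "c:\\programdata\\", "c:\\temp\\")
KILL_WINDOW = timedelta(seconds=120)  # kills this soon after a driver load are correlated

@dataclass
class Event:
    ts: datetime
    kind: str          # "driver_load" or "process_terminate"
    path: str = ""     # image path of the loaded driver
    sha256: str = ""   # hash of the loaded driver
    target: str = ""   # name of the terminated process

def detect_edr_killer(events):
    """Correlate each driver load with protected-process terminations that follow it.
    Alerts on a known-abusable hash alone, or on any driver load followed by such kills."""
    events = sorted(events, key=lambda e: e.ts)
    alerts = []
    for i, ev in enumerate(events):
        if ev.kind != "driver_load":
            continue
        reasons = []  # indicators visible at load time, before anything is killed
        if ev.sha256 in ABUSABLE_DRIVER_HASHES:
            reasons.append("hash matches known-abusable signed driver")
        if ev.path.lower().startswith(USER_WRITABLE_PREFIXES):
            reasons.append("driver loaded from user-writable path")
        kills = [e.target for e in events[i + 1:]
                 if e.kind == "process_terminate"
                 and e.target.lower() in PROTECTED_PROCESSES
                 and e.ts - ev.ts <= KILL_WINDOW]
        if kills:
            reasons.append("protected process terminated after driver load")
        if kills or ev.sha256 in ABUSABLE_DRIVER_HASHES:
            alerts.append({"driver": ev.path, "reasons": reasons, "kills": kills})
    return alerts

# Constructed sample telemetry: a benign load, then an EDR-killer sequence.
T0 = datetime(2026, 4, 1, 9, 0, 0)
SAMPLE_EVENTS = [
    Event(T0, "driver_load", r"C:\Windows\System32\drivers\legit.sys", "PLACEHOLDER_SHA256_BENIGN"),
    Event(T0 + timedelta(minutes=5), "driver_load", r"C:\Users\Public\updater.sys",
          "PLACEHOLDER_SHA256_ABUSABLE_DRIVER"),
    Event(T0 + timedelta(minutes=5, seconds=7), "process_terminate", target="edr_agent.exe"),
]
```

The benign system driver produces no alert, while the second load trips all three indicators; the hash and path checks fire before the kill, which is where the earliest detection opportunity sits.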
Q. Tony, you’re doing a talk on supply chain blind spots. What are you covering and what are the key takeaways?
Tony Anscombe:
Supply chain is really interesting, because if you look at most of the attacks that seem to happen, supply chain is the primary one. If you look at 2024, you had, well, you start with CrowdStrike, and I’m using that because it was a supply chain issue rather than an attack. But you had CDK, you had Change Healthcare. The three of them were classed as catastrophic by the insurance industry, all supply chain. And then last year you had JLR, and Marks and Spencer. If you look at nearly all the attacks that are classed as major, they’re all supply chain attacks.
But I think supply chain is much wider than we think of it. If you say supply chain to a CISO, I think they think of what they’ve got going back in their own supply chain. And I think it goes in both directions. The JLR example is interesting, because you take down something in the center, and the attack actually goes in both directions.
It stops the supply chain going one way and it stops the supply chain going the other way. Change Healthcare is the same. You’re stopping the insured and you’re stopping the medical practice. So, are people really thinking about their supply chain in both directions, and are they actually thinking about it broadly enough?
Q. What are your recommendations for how organizations start addressing that?
Tony Anscombe:
I think cybersecurity people think about cybersecurity stuff from the perspective of IT hardware, infrastructure, cloud services. I think you need to start thinking about the business supply chain and overlapping it with the cyber supply chain.
Because you see evolution in ransomware. Think about it: if I could identify that Jaguar Land Rover gets all their gearbox screws from one source, do I actually need to attack Jaguar Land Rover, or do I just need to attack the one screw provider? It’s got 50 people and limited security. And then ask Jaguar Land Rover for a ransomware demand. And not actually attack Jaguar Land Rover at all.
So, my point is: does it broaden out, does it change? It’s not just about what’s in your cyber piece of the supply chain. I think you need to look at your actual business supply chain, your operational stuff.
Q. Do you think on the cyber insurance front there should be more of a drive to think about the whole supply chain?
Tony Anscombe:
There’s a piece of my presentation on cyber insurance. If you’re a cyber insurer, there are two parts to this. There’s the cyber insured that don’t use the services of the cyber insurer, and we’ll come back to those people in a moment. But they ask you 300 questions. They do a scan. They look at your infrastructure, the applications you’re using, they know the versioning. They will start telling you if a vulnerability comes up tomorrow. Your insurer will send you a notification. You’ve got 30 days to fix the patch or the vulnerability. Otherwise, you’re not insured. So, the insurer is actually starting to encroach on being a cybersecurity services company.
But if I’m a cyber insurer and I know you use product X version 15, then I probably know the dependencies in product X version 15. Because if 20% of my insured portfolio use the same product, then I can actually start looking at the risk of that. The insurance industry, I don’t think they’re quite there yet. But in effect, they could actually be providing intelligence on the supply chain to stop companies having to go and do it themselves. Because at the moment, every company is doing it on their own.
They’re looking at their entire supply chain and how that risk manifests. But the insurer has all the data on all of them. And it lowers risk. So, for me, this would be a natural progression for the insurer to actually start doing supply chain management, or at least the dependencies in the supply chain management for the companies that they insure.
Q. Enterprises are deploying AI agents with very little governance in place. What are the security challenges there?
Tony Anscombe:
It’s important to make sure that the agents in your organization aren’t going outside the guardrails that you’ve already set. And that you’re not inadvertently leaking information. It’s a complex environment. This innovation mechanism is happening quickly to provide companies with tools, and in the context of supply chain, companies may well start putting agentic AI into their systems to manage supply chain.
We put out a blog on Friday about the security crisis that’s brewing with AI agent platforms, with some stats on what our researchers have found.
You need to be really cautious. Seven or eight years ago, Facebook and its advertising model used a lot of AI. Zuckerberg spoke in front of Congress or the Senate, and they turned and said, how did these adverts actually start appearing? He actually said, we’ve got no idea. And to me, everybody should look at something like that from seven or eight years ago. Because if you can’t control what your business is actually doing, you could end up being the person in front of Congress having to answer the questions. And at least he was honest. He said, we’ve got no idea and we’re going to rein it back.
I’ve talked to some founders with pretty large companies lately, and they’re like, we’re not going to touch AI for two years. We want to see what happens to everyone else and how it plays out before we bring it into our business at all. And that might be very conservative, but I’m not sure that’s the right way either. You should be exploring it. I think you’ve got to do both.
Q. A lot of people have been saying that in the last 12 months we’ve gone from human in the loop to a point where AI is working so quickly that having a human in the loop is a bottleneck. Do you agree, or is it too risky to keep humans out of it?
Tony Anscombe:
I think you could do a lot more damage by rushing. There was a talk yesterday morning on cyber law, and they were talking about emotive AI. The lawyer that was speaking had a really good point: if you’re talking to one of these NHS chatbots and you’ve got your own mental health issue, she believes that it should flag on the screen continually that you’re not talking to a person. And I think everybody’s rushing to do something and not thinking about the consequences of what they’re doing or the full consequences.
If you did that and you slowed it down and you thought about it over time, you probably would realize the risk that you’re actually putting people under. And there’s no difference in any other agentic AI solution. I would say more haste, less speed.
Jean-Ian Boutin:
And even at ESET, we are on both sides. We are exploring how we use it and we are exploring how to protect it by launching new capabilities. So, it’s a very interesting and complex challenge. But you won’t see us deploying AI because we need to say that we’ve deployed it. We’ve deployed it for purpose. We’ve considered the purpose.