Newsletter

Cybersecurity Decrypted #31: Live @ RSAC 2025

Last updated on May 7, 2025
Joel Witts
Laura Iannini
Written by Joel Witts Technical Review by Laura Iannini
What’s Next For Cybersecurity? 19+ Key Predictions From Cybersecurity Experts

Welcome to Cybersecurity Decrypted – the weekly cybersecurity newsletter from Expert Insights.

This week, we’ve been out at RSAC 2025 in San Francisco, where we’ve seen:

  • 💥 Dozens of big announcements from top cybersecurity companies
  • ⚠️ The latest vendor-led research on threats and trends in the cybersecurity space
  • 🤖 Agentic AI dominating the cybersecurity conversation

You can listen to our Decrypted Roundup of top conversations we’ve had at the show this year: Subscribe here.

This field is for validation purposes and should be left unchanged.

🌁 Key Insights From Cybersecurity Experts At RSAC 2025

RSAC is one of the biggest cybersecurity events of the year, bringing together thousands of vendors, security professionals, and investors to San Francisco.

The sheer amount of news and announcements can be overwhelming, so we’re here to cut through the noise and bring you actionable takeaways.

1. AI Is A Double-Edged Sword

AI’s capacity to bolster cybersecurity is matched by its potential to empower attackers, creating an urgent need for responsible implementation to stay ahead in an escalating arms race.

  • Jen Easterly (former CISA Director): “I believe in a world where AI can be used to detect attacks before they occur, to deploy countermeasures in milliseconds. But […] AI that can protect, can attack. AI that can prevent fraud, can commit it. AI that can identify a vulnerability, can exploit one.”
  • John Hultquist (Google Threat Intelligence): “The adversary is going to figure out new ways to use AI, and it’s going to help them scale their operations. We are, whether we like it or not, in an arms race with them. So, we’re going to have to get better. But AI could be the solution that we’ve been looking for.”

2. Rise of Agentic AI

Agentic AI is transforming cybersecurity by automating repetitive tasks and enhancing efficiency, but its adoption requires auditable systems and trust-building to ensure reliability.

  • Rupesh Chokshi (Akamai): “I do genuinely believe that […] GenAI apps and agentic AI will be able to deliver business benefits. If you’re doing any repeated task, it can do better and it can do with more precision.”
  • Deepen Desai (Zscaler): “There is a lot of potential for agentic AI [in cybersecurity]. I think it’s going to take a good couple of years to remove the noise and start seeing the real benefits.”
  • Nicole Carignan (Darktrace): “I think we’re already almost there with a fully autonomous SOC analyst. Humans are always still going to be a part of it, but their roles are going to drastically change, and I think that’s really exciting. AI will offload SOC level one and two triaging, allowing humans to focus on strategic remediation.”
  • Kara Sprague (HackerOne): “I’m very, very excited about the potential impact of AI because most of the existing tools have the problem of false positives. We’ve got our most talented cybersecurity folks basically buried in drudgery, digging through piles of false positives. AI can have a huge impact in enabling those folks to be much more effective.”
  • Chas Clawson (Sumo Logic): “We’re going to see AI embedded in every aspect of the investigation and the response lifecycle. Yesterday, it was human-led investigations, AI-assisted. Tomorrow, it’s going to be AI-led and human-reviewed, where the AI does the bulk of the heavy lifting.”

3. The Importance Of Community Collaboration

The cybersecurity community is shifting toward proactive resilience, leveraging AI to reduce false positives and recover swiftly, while fostering collaboration to combat shared threats.

  • Simon Hunt (Securonix): “Every competitor to a cybersecurity company is a cybercriminal. Sure, security companies compete with each other for dollars, but if one of us wins, we win as a society. So, every marketing person should be thinking about how their company is helping solve a real problem for not just for their customer, but for the ecosystem they’re in, and start framing their message in terms of that doing good.”
  • Patrick Joyce (Proofpoint): “What I see, and it just gets stronger and stronger, is that ecosystem of trust among security professionals. Because they’re all protecting against anarchy, relative to security.”
  • Darren Shou (RSAC): “A rising tide rises all ships, and this is what we can do in cybersecurity. Adversaries are adapting quickly. They’re getting the same tools as the defenders. We have to be constantly vigilant, and so, individually we are strong, but together, I think we might actually be unstoppable.”

We’ll be writing a more detailed breakdown of our key thoughts and takeaways over the coming weeks. Stay tuned for more insights.

🚨 RSAC: 10 Key Announcements

There’s been no shortage of vendor announcements this week – here are some of our highlights.

  1. ProjectDiscovery was named “Most Innovative Startup 2025.”  Andy Cao, COO, told Expert Insights: “We are an open-source powered security company on a mission to solve vulnerability management.”
  2. Prior to RSAC, Google Cloud announced two agentic agents powered by Gemini; an alert triage agent that performs investigations and a malware analysis agent. 
  3. Cisco announced new features and capabilities for Cisco XDR and Splunk, including integrated agentic AI to surface threats across email, networks, and cloud services.
  4. SentinelOne unveiled the next generation of “Purple AI”, showcasing agentic AI capabilities including deep security reasoning and sophisticated orchestration. 
  5. Akamai launched a new “Firewall for AI” solution, designed to protect generative AI from prompt attacks and malicious outputs.
  6. Proofpoint unveiled “Proofpoint Prime Threat Protection”, which provides impersonation protection and risk-based employee guidance and education—in a single, integrated solution.
  7. Palo Alto Networks released “XSIAM 3.0”, which delivers AI-driven prioritization, automated remediation, and advanced email security. They also announced that they will acquire AI security company ProtectAI.
  8. Abnormal AI launched a new agentic AI “Phishing Coach” designed to offer autonomously delivered SAT to users.
  9. Crowdstrike launched two new agentic AI solutions—”Charlotte AI Agentic Response” and “Charlotte AI Agentic Workflows”—that deliver autonomous investigation and response features.
  10. Bugcrowd has launched a new Red Team as a Service (RTaaS) offering.

📡 Threat Watch

There’s been a bumper release of threat research around the RSAC. Here’s a selection of the key information not to miss:

  • Zscaler’s 2025 Phishing Report outlines how cybercriminals are exploiting AI to launch precise phishing attacks. Deepen Desai, Chief Security Officer at Zscaler told Expert Insights: “Phishing in terms of volume actually went down; we saw about a 20% reduction globally. But there is definitely a shift happening from volume [of phishing] to quality.” 🔗
  • Infostealer activity has surged 266% in recent years, according to a new report from KELA. 🔗
  • Ransomware groups—RansomHub, LockBit, Play, Akira, and Hunters—were responsible for over 36% of all ransomware incidents monitored by Delinea in 2024. 🔗
  • Google released their latest zero-day exploitation analyst report, tracking 75 zero-day vulnerabilities in the wild. Exploits were down in 2024 compared to 2023, but still higher than where they were in 2022.  🔗
  • Security researchers discovered a vulnerability in Apple’s AirPlay protocol and SDK, which could have allowed attackers on the same network to execute remote code without user interaction. Apple released security patches to address the vulnerability in March. 🔗

📰 Other headlines this week:

  • Meta introduced new Llama protection tools, including Llama Guard 4, LlamaFirewall, and Prompt Guard 2, to enhance AI security against threats like prompt injections and insecure code. 🔗
  • Supermarkets in the UK have come under attack this week. M&S has faced days of disruption due to a cyberattack including issues with payment and “click and collect services.” The Co-Op supermarket chain and luxury department store Harrods have also been targeted in a cyberattack attempt.

🔍 Expert Insights: Latest From Us

Don’t miss this week’s round of interviews & insights with cybersecurity experts and thought leaders.

That’s all for this week! 👋

How did you find this newsletter? Please send us any feedback to help us improve. Thanks for your support.

Expert Insights’ Cybersecurity Resources

This field is for validation purposes and should be left unchanged.
Written By Written By
Joel Witts
Joel Witts

Joel Witts is the Content Director at Expert Insights, meaning he oversees all articles published and topics covered. He is an experienced journalist and writer, specialising in identity and access management, Zero Trust, cloud business technologies, and cybersecurity. Joel is a co-host of the Expert Insights Podcast and conducts regular interviews with leading B2B tech industry experts, including directors at Microsoft and Google. Joel holds a First Class Honours degree in Journalism from Cardiff University.

Technical Review Technical Review
Laura Iannini
Laura Iannini Cybersecurity Analyst

Laura Iannini is an Information Security Engineer. She holds a Bachelor’s degree in Cybersecurity from the University of West Florida. Laura has experience with a variety of cybersecurity platforms and leads technical reviews of leading solutions. She conducts thorough product tests to ensure that Expert Insights’ reviews are definitive and insightful.