Spotlights cut through the Moscone Center haze — RSAC 2026, packed shoulder-to-shoulder with CISOs nursing overpriced coffees, eyes glued to a demo where an AI agent sniffs out a zero-day exploit faster than any human could blink.
Kelly Jackson Higgins, Dark Reading’s sharp-eyed correspondent, just wrapped her whirlwind tour of the floor. She’s seen it all: the past’s clunky signature-based defenses, today’s probabilistic models chewing through petabytes of logs, and a future where AI doesn’t just detect threats — it anticipates them, rewires networks on the fly.
Dark Reading’s Kelly Jackson Higgins shares insights on the past, present, and future of cybersecurity after attending RSAC 2026 Conference.
That’s her takeaway, boiled down. But here’s the thing — it’s not just evolution. It’s an architectural quake. Cybersecurity’s old moats — firewalls, IDS boxes — they’re crumbling under AI’s weight, forcing a rethink from reactive patching to predictive architecture.
Remember When AI Was Just Buzzword Bait?
Back in 2017, RSA’s keynotes peddled machine learning like snake oil for phishing filters. Worked okay — until adversaries figured out evasion tricks, like subtly tweaking email pixels to fool classifiers.
Fast-forward (sorry, couldn’t resist), and RSAC 2026 flips the script. Vendors aren’t hawking black boxes anymore; they’re building AI meshes — interconnected agents that collaborate across endpoints, clouds, SIEMs. Think less lone ranger, more wolf pack, sharing threat intel in milliseconds.
But — and this is my dig, absent from Higgins’ notes — it’s eerily like the antivirus boom of the ’90s. Symantec ruled with signature updates; polymorphic viruses laughed them off. Today’s neural nets? Same vulnerability. Poison a training dataset with sly synthetic attacks, and your defender turns dumb.
One panelist admitted it: “We’ve shifted from rules to models, but models hallucinate too.” Understatement of the year.
Picture this sprawl: A sprawling, comma-laden demo where AI ingests NDR telemetry, cross-references it with threat feeds from CrowdStrike and Mandiant, then autonomously quarantines a beaconing C2 server — all before the alert hits your inbox. Impressive? Sure. Scalable? That’s the gamble.
Higgins nailed the present: AI’s slashing mean-time-to-respond from hours to seconds. Tools like Vectra’s AI-driven NDR or Darktrace’s ‘immune system’ now predict lateral movement with 95% accuracy claims. Vendors demoed it live — a simulated APT group worming through AWS S3 buckets, halted by an AI ‘hunter’ rewriting IAM policies mid-stride.
Yet skepticism creeps in. These systems guzzle GPUs like candy — fine for enterprises, murder for SMBs. And the data moats? Enterprises silo logs; AI starves without federation.
How’s AI Actually Rewiring Cyber Architectures?
Strip away the demos. The real shift? Zero-trust on steroids. RSAC buzzed with intent-based segmentation, where AI infers user intent from behavior graphs, dynamically slicing networks. No more static policies — fluid barriers that adapt to anomalies.
Take Palo Alto’s session: Their Cortex XDR now uses generative AI to simulate attack paths, stress-testing your environment before hackers do. “It’s like having a red team that never sleeps,” the rep boasted.
Cool. But why does it matter? Because legacy stacks — VPNs, perimeter defenses — they’re dinosaurs in this era. AI demands a new substrate: observability fabrics spanning hybrid clouds, with APIs for agent swarms to plug in.
Higgins captured the vibe: Execs debating not if, but how fast to rip out old tools. My bold call? By 2028, 70% of breaches won’t touch humans first — AI vs. AI dogfights in the wire.
Short para for punch: Risky bet.
Why Does RSAC 2026’s AI Hype Feel Like a Trap?
Skepticism time. Vendors spun tales of utopia — AI democratizing security, lowering barriers. Baloney. It’s widening the chasm: Big Tech firms with PhD teams dominate; startups drown in compute costs.
Worse, the attack surface explodes. RSAC whispered about adversarial AI: Tools generating deepfake C-suite emails that bypass MFA via voice synth, or ML models crafting malware evading EDR signatures.
One rogue demo (off-stage, hush-hush) showed an open-source LLM jailbroken to spit Cobalt Strike payloads. Higgins hinted at it in her future gaze — nation-states like China’s Volt Typhoon already probing AI supply chains.
My unique lens: This mirrors the quantum crypto scare of 2015. Everyone panicked about harvest-now-decrypt-later; few built post-quantum keys. AI’s the same — we’re hyping defenses while ignoring offense. Prediction: First major AI-orchestrated wiper hits by 2027, targeting GPU farms training defender models.
And the PR spin? “AI makes us safer.” Cute. It makes threats faster too.
Panels dragged on regulatory lags — EU AI Act fumbling cyber specifics, NIST scrambling. But underneath? A quiet pivot to resilience engineering: Bake AI into SOC orchestration, not bolt-ons.
Will AI in Cybersecurity Outpace Human Oversight?
Zoom to the future Higgins sketched. Autonomous SOCs. Agents negotiating with attacker bots — think DeceptionGrid evolving to AI honeypots that learn and counter.
Exciting? Terrifying. What if the agent’s ‘autonomy’ drifts, false positives nuking legit traffic? RSAC floated human-in-the-loop hybrids, but demos skewed full-auto.
Here’s the rub — architecture wins. Build for composability: Modular AI plugins over monoliths. That way, when (not if) models falter, you swap ‘em without rebuilds.
Higgins’ parting shot resonates amid the expo din: Cyber’s past was tools, present models, future? Ecosystems where AI, humans, quantum sensors entwine.
One sentence wonder: Bet on it.
But don’t sleep — or you’ll wake to AI-forged keys unlocking your kingdom.
🧬 Related Insights
- Read more: Hacker Gangs Clash Over TeamPCP’s Supply Chain Rampage
- Read more: Apple’s Late DarkSword Patch Hits More iPhones – Too Little, Too Late?
Frequently Asked Questions
What happened at RSAC 2026?
RSAC 2026 spotlighted AI’s role in accelerating threat detection and response, with demos of agent-based defenses and debates on emerging AI attack vectors.
Is AI making cybersecurity easier for small businesses?
Not yet — high compute demands favor enterprises, but federated learning promises could level the field soon.
How will AI change cyber threats by 2027?
Expect AI-generated attacks mimicking legit traffic, forcing a shift to predictive, resilient architectures over reactive tools.
