The rise in cyberattacks powered by GenAI and the need for automating more security processes has led AI to move from buzzword to reality in a short amount of time, cybersecurity executives tell CRN at RSAC 2025.
The rise in cyberattacks powered by GenAI and the need for automating more security processes has led AI to move from buzzword to reality in a short amount of time, cybersecurity executives told CRN at RSAC 2025 this week.
While this is the third year in a row where AI was a dominant theme at RSAC, industry executives said the increasing mainstream adoption of the technologies has made AI a more natural conversation at this year’s conference.
[Related: RSAC 2025: AI Is Changing Everything For Security — Except The Hard Problems]
Ultimately, both from a business and a security perspective, it’s now an imperative for organizations to utilize AI, executives said in interviews with CRN at RSAC 2025 in San Francisco.
“Last year there was certainly a lot of buzz about it, but it was companies sandboxing, piloting — a lot of evaluation,” said Kevin Lynch, CEO of Optiv, No. 25 on CRN’s Solution Provider 500. “This year, it’s about, ‘We’re in mainstream production, and we have a lot to protect and a lot to think about doing here.’”
Without a doubt, there is much less eye-rolling when AI gets brought up in a conversation at RSAC this year, according to Kevin Simzer, COO at Trend Micro.
Instead, given that there’s now real applications for customers, “there’s a genuine interest in how to enable this,” Simzer said. “Because they’re all facing the same competitive environment.”
There’s no question that for most organizations, “you have to do this for efficiency,” Optiv’s Lynch said. “And from a customer satisfaction and customer experience basis, to move faster, you have to do this. So the days of contemplation, I think, are over.”
Organizations also have little choice about whether to utilize AI-powered tools for their own security, executives said.
Instances of new cyberattacks that are unquestionably aided by GenAI are surging, said Lee Klarich, chief product officer at Palo Alto Networks.
“We can tell that AI is being used by attackers in order to build and launch more new attacks every day,” Klarich said. “At the same time, we have data that shows that the time from the initial attack to breach is getting shorter and shorter. So you have more attacks that are happening faster.”
In response, “it’s very clear that the answer to this [is that] we have to leverage AI much, much more than we traditionally have as an industry,” he said.
While some security vendors have chosen to largely ignore AI for their products, “they probably won’t be here much longer or coming back to RSA,” said Daniel Bernard, chief business officer at CrowdStrike.
“In a lot of other industries, I think embracing AI is optional,” Bernard said. “In cybersecurity, AI is not optional.”
Impacts Of Agentic
The rapid pace of change wrought by AI — now set to enter a bold new phase with the emergence of agentic — also makes it even more essential that security has a central role rather than being an afterthought, executives said.
What more of the industry should be thinking about is how to use the autonomous technologies themselves to securely configure new AI systems as they are created, SentinelOne co-founder and CEO Tomer Weingarten told CRN.
“Even the discovery and the configuration of surfaces needs to be automatic, ideally autonomous,” Weingarten said. “The future that we envision is one where these systems — and it’s only a question of time — are going to be so autonomous in their operation that we need to start programming them to actually do the entire heavy-lifting as well.”
In other words, “we need to start thinking about how we use the systems themselves to deploy securely to begin with — because these systems, what they give us, more than anything else, is scale,” he said. “They give us the ability to see everything. They give us the ability to cover everything and to react to everything in a manner that [even] an unlimited amount of humans almost can’t.”
‘Everything Moves Faster’
The arrival of agents is likely to be a far more substantial shift for cybersecurity than LLMs have been, according to Ami Luttwak, co-founder and CTO of Wiz.
“Implementing native language interfaces is nice, but it’s not revolutionary,” Luttwak told CRN. “Right now agents feels like it’s a much bigger revolution, because it can impact your team.”
Security vendors and professionals also do not have the luxury of waiting too long before working to ensure that the new systems related to AI and agentic are themselves secure, he said.
“Now everything moves faster, so we have to move faster in security,” Luttwak said. “We can’t wait five years.”
The bottom line on AI is that, for the foreseeable future, it’s something that no organization will be able to ignore if they want to be successful, said Daniel Kendzior, global data and AI security practice leader at Accenture, No. 1 on CRN’s Solution Provider 500.
“If you’re not in the game [with AI], you’re going to be wildly behind your competitors,” Kendzior said. “And then from a security perspective, you’re going to be wildly behind the threat actors.”
