WHAT STRUCK ME AT RSA 2026
CODY BARROW, ECLECTICIQ CEO, REPORTS ON THE 2026 RSA CONFERENCE
“Like last year, RSA this year was overwhelmingly about AI. Not AI governance or acceptable use, which dominated last year, but autonomous agents operating inside the SOC with real decision-making authority, and in some cases companies using AI to build their products entirely. Probably 40% of sessions were AI-focused, and “agentic” was so common it became a running joke.
On the show floor, every major vendor was demoing some version of an AI-driven SOC. Automated root-cause analysis, response playbooks running without analyst input, triage handled end to end. The question has moved from whether to use AI to how much autonomy it should have. Nobody I talked to had a good answer on the governance side of that, which in my opinion is more of a European consideration than American. Americans “figure it out later.”
The offensive picture is moving fast too. Threat actors are using LLMs for recon and phishing at scale, and a few sessions got into multi-agent architectures being built for exploit automation. Offensive AI is just easier to operationalize than defensive AI is to govern, and that asymmetry came up repeatedly.
Beyond AI, post-quantum cryptography (PQC) had a notable presence. The framing has shifted from a future concern to an operational priority, with security leaders being told to inventory their cryptographic assets and start migration planning now rather than later.
The classical cyber vendors are all bolting AI onto their platforms, but the more interesting tension is between them and a new generation of AI-native startups building security tooling from the ground up. US companies are dramatically reducing costs and workforce, simplifying team structures, and focusing expense away from full-time employees toward token costs for AI-generated code. This is happening faster than people realize, and I believe that will be very apparent by end of year. I also think the pace of this will surprise European vendors.
That means from a European perspective, the US market is adopting AI in security faster, but the governance thinking is shallower than what we’re developing in Europe. That gap creates friction but also an opening for companies that can move at American speed while meeting European regulatory expectations.”
POINTSHARP : NEW PARTNER
Pointsharp is expanding its technology partner catalog by announcing the partnership with Swissbit.
“Founded in 2001, Swissbit has become a leading European technology company for data storage and security solutions. The security key Swissbit iShield Key 2 will be added as a supported security key in Pointsharp’s IAM solutions. Using security keys together with passkeys for secure authentication has proven to be a high-security measure with strong phishing resistance for many organizations. Adding support for Swissbit products to the Pointsharp Access Management solution gives customers an even wider selection when upgrading security.”
