RSAC Recap: Agentic AI Takes Over Security Landscape

Cybersecurity conference highlights shift to AI-powered security tools and challenges facing CISOs

Mar. 28, 2026 at 4:34am by Ben Kaplan

Got story updates? Submit your updates here. ›

The RSA Conference in San Francisco saw a major shift in cybersecurity vendor messaging, with 'agentic AI' and 'agentic SOC' taking center stage. Experts note that the rise of AI is putting pressure on security company valuations, potentially leading to consolidation and rising costs for organizations. Meanwhile, attackers are also leveraging AI to enhance phishing and other malicious capabilities, widening the gap. In an interview, Commvault CISO Bill O'Connell discusses the evolving CISO role, the importance of cyber resilience and 'ResOps', and the need to effectively communicate risk to business leaders.

Why it matters

The RSA Conference is a bellwether for the cybersecurity industry, and this year's event highlighted the growing influence of AI on both defensive and offensive security tools. As AI becomes more pervasive, CISOs will need to adapt their strategies to focus on cyber resilience and recovery, rather than just prevention, while also navigating the financial and operational challenges posed by the technology.

The details

According to the recap, the RSA Conference saw a shift away from 'zero trust' marketing towards an emphasis on 'agentic AI', especially in the area of security operations centers (SOCs). Experts noted that the rise of AI is putting pressure on cybersecurity company valuations, which could lead to accelerated consolidation in the industry and rising costs for organizations as they try to adopt the new technologies. There are also concerns that AI disproportionately benefits attackers, with new phishing-as-a-service capabilities emerging. One standout booth, MindGuard, used a 1990s metaphor to argue that AI security is as immature as cybersecurity was decades ago.

  • The RSA Conference took place in San Francisco in March 2026.

The players

Jim Love

Co-host of the Cybersecurity Today podcast.

David Shipley

Co-host of the Cybersecurity Today podcast and a security expert.

Bill O'Connell

Chief Security Officer at Commvault, a data management and protection company.

Got photos? Submit your photos here. ›

What they’re saying

“AI is pressuring cybersecurity company valuations and could reduce funding, accelerate consolidation, and raise security costs due to heavy compute requirements, even as demand increases.”

— David Shipley, Security expert and co-host of Cybersecurity Today

“AI disproportionately benefits attackers, including new phishing-as-a-service capabilities, while organizations cut security hiring in anticipation of AI gains.”

— David Shipley, Security expert and co-host of Cybersecurity Today

“Backup to cyber resilience, the evolving CISO role, communicating risk, the importance of recovery and 'ResOps,' and celebrating CISOs, including Time magazine's CISO of the year concept.”

— Bill O'Connell, Chief Security Officer, Commvault

What’s next

The judge in the case will decide on Tuesday whether or not to allow Walker Reed Quinn out on bail.

The takeaway

As AI becomes more prevalent in cybersecurity, CISOs will need to shift their focus from prevention to cyber resilience and recovery, while also navigating the financial and operational challenges posed by the technology. The rise of agentic AI tools, both for defense and offense, is transforming the security landscape and requiring CISOs to adapt their strategies accordingly.