Join us for this edition of AnalystANGLE from the RSA Conference 2025 as we explore the evolving landscape of cybersecurity with industry experts.
In this insightful discussion, John Furrier and Dave Vellante of SiliconANGLE Media, Inc. are joined by Jon Oltsik, a former distinguished analyst, to examine key trends and themes from day two of RSAC 2025. The panel focuses on the prominence of artificial intelligence in security conversations, offering a detailed examination of how AI shapes and challenges the industry today, as highlighted during theCUBE's live coverage.
The conversation uncovers key takeaways such as the rapid democratization of AI capabilities, which broadens threat vectors and enhances defensive strategies in cybersecurity. By attributing insights to their sources, the discussion offers a comprehensive overview of the current cybersecurity landscape, providing professionals with actionable intelligence to stay ahead in this dynamic field.
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSAC Conference 2025. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For RSAC Conference 2025
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for RSAC Conference 2025.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSAC Conference 2025. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to RSAC Conference 2025
Please sign in with LinkedIn to continue to RSAC Conference 2025. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Day 2, RSAC AnalystANGLE
Join us for this edition of AnalystANGLE from the RSA Conference 2025 as we explore the evolving landscape of cybersecurity with industry experts.
In this insightful discussion, John Furrier and Dave Vellante of SiliconANGLE Media, Inc. are joined by Jon Oltsik, a former distinguished analyst, to examine key trends and themes from day two of RSAC 2025. The panel focuses on the prominence of artificial intelligence in security conversations, offering a detailed examination of how AI shapes and challenges the industry today, as highlighted during theCUBE's live coverage.
The conversation uncovers key takeaways such as the rapid democratization of AI capabilities, which broadens threat vectors and enhances defensive strategies in cybersecurity. By attributing insights to their sources, the discussion offers a comprehensive overview of the current cybersecurity landscape, providing professionals with actionable intelligence to stay ahead in this dynamic field.
On the second day of theCUBE’s coverage of the RSAC 2025 Conference, theCUBE Research’s Jon Oltsik, John Furrier and Dave Vellante break down key cybersecurity trends. Their AnalystANGLE conversation focuses on how artificial intelligence is shaping both the threat landscape and defensive strategies.
Oltsik explains how the democratization of AI is expanding the attack surface, creating urgency for smarter, more adaptive security frameworks. Vellante and Furrier add that many of the event’s top conversations reflect a growing need for AI governance a...Read more
exploreKeep Exploring
What role can AI play in bridging the gap between the functionality of security tools and the average user's utilization of them?add
What is the key aspect in the short term and midterm when it comes to human intelligence and AI technology, according to the speaker?add
What are the differences between a best of breed approach versus a best of platform approach in cybersecurity, particularly in relation to companies like CrowdStrike, Palo Alto, and Microsoft?add
What is the battle for share of wallet among large enterprises in the realm of new applications and tools, particularly in relation to companies like Palo Alto, Microsoft, CrowdStrike, and Cisco?add
What criteria are being used to evaluate vendors in the technology industry?add
>> Welcome back everyone to theCUBE's live coverage here in San Francisco for day two of RSAC or RSA Conference. This is now the biggest industry conference around cyber security because it covers business and tech. Broad breadth of conversations, almost too much some say. Unlike Black Hat, which is more of a festival, I call it. The teams show up. Of course, we've got all the data and coverage. I'm John Furrier, host of theCUBE, with Dave Vellante and Jon Oltsik, CUBE Research. We're going to break down day one analysis, looking forward to day two, and get the vibe of what's going on in the hallways, what's going on after hours, what are some of the top conversations and topics. Gentlemen, great to see you. And day two, we got two more days. Kind of a little hoarse voice because the bands were good last night at some of the parties. Trellis had a great event.
Dave Vellante
>> I feel rested though. We didn't hit it too hard.>> In bed by midnight. That's my rule.
Dave Vellante
>> Nothing good happens after midnight.>> I issued that rule many, many years ago. Didn't have it before. Jon, great to see you as always.
Jon Oltsik
>> Good to see you too.>> All right. So top conversation, AI is fundamentally changing everything, blah, blah, blah. I mean, just went to get coffee, AI, AI, just AI everywhere. Tons of conversation. Buzz and hype beyond all recognition. This is AI land. But there's real substantive conversations. So guys, what are you hearing? What are some of the real conversations that are happening around the impact of AI? It's kind of like fashion just showed up. We're in a new generation. Hey, we're all wearing the new clothes called AI. What's the cool and relevant conversations?
Jon Oltsik
>> Yeah. I just heard some good things in a meeting that... And if you think, so we used to always say this about Microsoft Word is that it's got all this functionality but the average user uses 10% to 20%. That's true in security as well. Historically, what you did to bridge that gap was you hired a bunch of people who were tasked with customer success and that was a services thing. That's a role AI can play. So AI can watch your behavior and say, here's a feature that you need, or I'm going to self-tune a firewall, for example, based on your traffic. So that's a real-time AI advantage that we'll get. It's not pie in the sky. This is happening now.
Dave Vellante
>> When three years ago at RSA, when sort of the GenAI shot heard around the world was just sort of happening, we kind of put forth the premise that initially the adversaries are going to have the advantage and over time the defenders may catch up or be closer. And I was listening to Jensen recently and he was saying, look, we got a problem here. It's not energy. Energy we'll figure out. We just don't have enough humans. And we don't have enough skilled humans. And he's on his robot kick. I think->> A kittle bit biased there of course.
Dave Vellante
>> Of course. And I think, I don't know, one of the houses, Morgan maybe put a report like $50 trillion industry by 2060 or something like that. Who knows? They were talking about flying cars one year too. But my point is that it seems like maybe it's not robots, but maybe it's intelligent agents or whatever is ultimately going to somewhat level the playing field. I mean that's the hope. Do you feel based on your practitioner knowledge that is a valid premise?
Jon Oltsik
>> I'd say it's a semi-valid premise. It's definitely not, it's not applicable in the short term and it's really specialized skills. So threat intelligence skills, cloud security skills, even AI security skills. Imagine you need people who know how to secure AI. How many of them are there in the world? But where it is a great equalizer is security departments over the last few years wanted coding skills because security people typically didn't have that. Maybe some scripting skills. So that will be an equalizer. Hiring junior people, that will be an equalizer. Making the decision between hiring or outsourcing. AI becomes sort of a middle ground. So I think that's where it will play quite a bit.>> I mean, Dave, one of the things I've been saying on theCUBE for years, and it's more I think prescient now with theCUBE here at RSA is that remember we used to talk about chess and chess grandmasters when computers came in. A grandmaster that wasn't a super grandmaster could be really augmented and compete. But the human intelligence, that grandmaster wouldn't crack the code to be the elite grandmaster because they were savants at the highest level.
Dave Vellante
>> Remember we had Gary Kasparov on. And when the Deep Blue or whatever it was called beat him in chess, he started a competition of humans and machines and the humans plus the machines beat the machines. Now, I don't know if you're saying that might change, but basically Jon's saying is, I think you too, is part art, part science.>> Well, there's two things that jump out to me. One was a sound bite from yesterday. But what Jon was talking about is I think the human intelligence aspect in the short term and midterm will be the key because like that chess, which is well documented body of work in the chess community around the role of the computer to the human to play better against the computer or against the best. And so I think there's going to be a surge of that kind of craft and that's going to come from skill. Because you got models, you got apps, and you got infrastructure all have to be contained because the data coming out of G2's talk, by the way, says the more fine-tuning you do, the more vulnerabilities come up. Because it's non-deterministic, you're starting to see kind of a whole nother set of issues that come from the benefit of AI. So I think the human in the loop, so to speak, will be a very key skill. And that's one. And the other phrase I heard with Palo Alto and on yesterday said, agents are like your 16-year-old kid when they get the permit. Great around the suburbs. Once they get on the freeway, it's like all shipwrecks. Oh my god, take the exit, break now. I'm like, yeah, but all the agents are on the road at the same time. So imagine hundreds of thousands of 16-year-olds driving on the freeway. That's what the agent world is like right now. And by the way, there are no rules. What's an exit? You're in Connecticut. You take the left turn, right turn exit. So this is the chaos that is now the oxygen of the industry. And I think this is going to be interesting to see how the vendors culturally shift. And I think that's what I'm looking at. The humans are key. Everyone's driving crazy. There's no rules yet, guardrails. It's just a punch line. But I think that is going to be the key. And the culture of these companies, I mean what you were doing five to 10 years ago as an organization, whether it's red team, blue team, or just basic staff, I think it's going to be a complete upside down change.
Dave Vellante
>> That says the art of security still matters and will for quite some time, which you could argue is good news for the adversary because of the lack of that skill.
Jon Oltsik
>> Well, it is but we tend to think of the adversary as this wildly sophisticated rocket scientist type of person. The truth is that most attacks are things like known vulnerabilities or social engineering. So things that we know how to defend against, but we through either ignorance or omission or just the fact we're too busy, we don't get to. And that's the stuff that will have an instant impact with AI and machine learning because we know what to expect and we can change it much more rapidly.
Dave Vellante
>> I want to test something else with you. A lot of folks talk about this. They think about the adversaries in a pyramid. Top of the pyramid, you got nation states. The middle, you've got e-crime or organized crime. And the bottom, you've got hacktivists. And you've got very sophisticated, less sophisticated, very sophisticated, not many of them, I mean plenty of them, but not like millions. In the middle layer, you've got more, a little less sophisticated. In the bottom layer, less sophisticated, but a zillion of them. And the premise is that AI has democratized that skill set, that capability for the adversary and pushed it down to the point that it's now overwhelming most organizations' abilities to keep up with it and maybe even creating a wider gap. What's your take on that premise? I'm testing all my-
Jon Oltsik
>> All your theses.
Dave Vellante
>> All my theses that I hear in the industry with somebody who I think has a good handle on this stuff.
Jon Oltsik
>> Well, it's true, but... I mean, again, we're pushing down the skill set, but we're pushing up the defenses. So there's some meeting in the middle. Now where that balance strikes is I think it's cyclical. And I do believe the adversaries had an advantage up front. I think the industry is catching up, but there'll be that push-pull forever.
Dave Vellante
>> I was one of the guests that came on last night on theCUBE After Dark. I keep calling it that. It was really theCUBE at sundown. Basically in their website, it's a startup. We talk about shiny new toys and you were talking to Anand yesterday about the end of best of breed, which is Nikesh Arora's latest line. But there was a startup and their website, it said real time's not good enough, and basically pushing for a new thoughts on how to defend. I wonder if you could comment on that. And basically what they were saying is we're trying to find the bad guy and kick them out in real time. That's not the right approach. What we need to do is rethink that and, I don't know, stop the breach. It was what George Kurtz would say, which is pretty aspirational. But that notion of just sort of flipping the philosophy on its head, what do you think about that?
Jon Oltsik
>> It's possible and we're doing some of that, and that's more predictive analysis. So for instance, we can look at a DNS infrastructure, we can see historical patterns on what the adversary did, and we can predict what they'll do in the future and then start to block IP addresses. We do that with vulnerabilities. There's a, and I can't remember what this stands for, but EPSS.
Dave Vellante
>> An acronym that you don't know?
Jon Oltsik
>> It's somewhere in my brain, Dave. I'll figure it out. But it's a predictive scoring system based on historical patterns of what the adversary will do next to exploit a vulnerability. So we're doing that. I'd say we're doing it okay. But that's something that absolutely will explode as we use more AI.>> Endpoint protection platform.
Jon Oltsik
>> No.>> No? Different, okay.
Jon Oltsik
>> EPSS. It's a exploit prediction scoring system I think or I'm really close.>> That's actually coming up, this whole scoring framework thing. We had SecurityScorecard came on. A lot of these rankings are going to come up. And I think, Dave, your point about best of breed is it was an old saying back in the old Silicon Valley days. The VC would fund a company. We'd joke and say that's a feature, not a company. You're starting to see that mindset in security where the actual system's design has to look at why best of breed existed in the first place and saying if I can have as a decoupled subsystem in a platform and highly cohesive in its element, that's an operating system kind of mindset. You say, okay, I'd rather have a platform. So the consolidation, cost, efficacy, and ROI is going to look at that. And any organization worth their salt has to look at the defense piece priority of saying, is it better to re-platform? That's why I'm on the re-platforming kick because there are benefits to platforms. But then you have platform sprawl, platforms of platforms. Okay, that's interconnect. These are new concepts I think in a world that has been kind of fighting with sticks and knives. And I think the product conversation, which is why I'm looking at all the vendors saying who are their staff, who's on their team, what are they doing for product? And I think the vendors are going to show themselves here at this event.
Dave Vellante
>> So juxtapose three leaders. So George Kurtz would say it was always best of breed versus best of suite. Now it's best of breed versus best of platform. And his claim is with our partners we can plug in like an Okta or a Zscaler. Whereas Palo Alto's saying no, we are the platform, I think. And so two kind of interesting. And Microsoft, I don't really understand as well. I'm sure you do. So it sounds like good marketing, maybe it gets your eyes rolling. But I got to say CrowdStrike's had some pretty good successes. What are your thoughts on that sort of he's implying a Lego building blocks approach to platform versus what Palo Alto is doing and saying, no, we have control of all the data and a single platform, maybe Microsoft versus cobbling together, maybe that's not the right term, but five best to breed tools?>> Can I just make a comment before you answer that question?
Dave Vellante
>> Yeah, sure.>> And remember Adrian Cockcroft, CUCE alumni, worked at Netflix.
Dave Vellante
>> And Amazon.>> He was a really... I always ask the one question, what are you optimizing for? So the question on the platform then comes into, if you're boiling over the ocean, what are you truly optimizing for? That's the problem with platforms is if not done right. So to answer the question, go ahead, but keep in mind, is that even an issue now or does that factor in or that relevant? Because I think if you don't know what you're optimizing for, you have a big bloated platform potentially. I don't know. I mean I just want to put it out there because that's the question I'm asking. What are people optimizing for?
Jon Oltsik
>> Well, you're optimizing for two things. You're optimizing for efficacy and efficiency. And those may be unified and they may be completely different. Of the two, I would say efficacy trumps efficiency. It's one thing to have an efficient system, efficient operations, but if that means that you're getting compromised, it's not worth it. So it's a dance. I would say that platforms, and I've said this a million times, platforms make a lot of sense until you get to the largest enterprises who have one of everything. And they are not going to rip and replace what they have. They have budget issues where budgets are spread all over the place. And the platform guys will never catch up to the speed of hybrid IT. So it's sort of a share of wallet thing.
Dave Vellante
>> What do you mean by that? What do you mean by that? Explain that if you would.
Jon Oltsik
>> Developers are going nuts. And think of AI and vibe coding and all of the activity that's going on with new applications. New tools, new services. Amazon puts out new services. Developers use them before the security people even know they're there. And so therefore you'll have to have specialization in certain areas. Now the platform guys will look at that and say, okay, acquisition opportunity, and they've done that historically. But I mean if you look at a large enterprise, the question is share of wallet. It's like if you're Palo Alto, you want more of that share of wallet than you have today and you want to elbow out Microsoft, CrowdStrike, Cisco, whomever. That's the battle that's going on. No one, large enterprises will never standardize Palo Alto. Sorry, Palo Alto.
Dave Vellante
>> But from the end customer's perspective, that's a philosophical decision to optimize. You're talking about what are they optimized for. They're optimizing for time to market, time to value, with applications and revenue generation over security.
Jon Oltsik
>> That's right. And they always will.
Dave Vellante
>> Some companies might not. Some companies it depends. Highly regulated industries might have a different... Maybe they're a different point in the spectrum. But that is a conscious decision by the company to not handcuff the developers as an example.
Jon Oltsik
>> Well, security is there to support the mission, mitigate risk for the mission. They're not there on their own.
Dave Vellante
>> It's not the mission in and of itself.
Jon Oltsik
>> It's not like you can't, everyone will say it, you'll hear this throughout is you can't be the department of no. And especially now with->> It's go time right now. It's go department. Dave, you were on a plane yesterday. Jon and I did the opening kickoff yesterday and the comment you made about when I asked, hey, what are some of the new technologies, you brought up Shadow IT, WiFi, all these new technologies. To get your point about this is that in the big enterprises, there's a lot of brittle shit in there. It's like it works, don't touch it. Or we got a lot of sprawl. And your point about Shadow IT and these new things with AI chaos, that's going to usher in innovation, but it's all done kind of, I won't say covertly, but shadow. It's going to get done. And so I think that's one concern, which is why platform isn't the silver bullet. You can't just throw a platform and say, hey, roll this out. So I think that's one. And then the other thing was we heard from Dell's CTO, John Roese, when we were in New York. We had a long conversation around the large enterprises like the JP Morgan Chases of the world. And they say, his feedback was they don't want to change stuff like tools and platforms because it works. They're more receptive to process change and managing data differently because it's easier for them. What's your reaction? Because that's kind of on the same thread you were just talking about. I got a large enterprise, I got stuff. The alternative is have some six-month, six-year plan that never works or just keep it what it is. Maybe abstract over it or do some process change. What's your take on that because that's-
Jon Oltsik
>> That's a great point, John. And I mean, we've all been around the block a while and IT grew organically. And some of the IT organism is still in place. So we still have mainframes for example. The same thing's still happening, it's just happening faster. And as a security person, you don't have control of that. But you do have control of your processes. You do have control or at least influence on risk management decisions. And so that's the role you have to play. And technology's a supporting actor in that. It's not a primary actor in that.>> Great stuff. Great insight. You guys are awesome. Love when we do these segments for an hour. We can do deep dives. But I want to shift back to the RSA show because it is a vendor fest. It is where people are flexing. Dave used to call the urinary Olympics pissing contest. I love that phrase. And that's what it is. But there's a lot of meat on the bone here. I mean, it's a lot of action with the sandboxes. I mean, it's a great show.
Dave Vellante
>> It's fun, yeah.>> But the vendors are all out on display. So let's do an analysis. What do you guys think of the vendors? And again, my focus is I'm looking at culture. I mean, look at the staff, how they behave. What are they doing? How are they doing in social media? How are they doing their development? How are the execs talking on stage? They are putting the rhetoric out there. What's their products look like? So I think it's a full inspection of the vendors. What's your take? How would you rank some of the new vibe? And with the .
Dave Vellante
>> My bias is obviously because I pay more attention to the financial side, which isn't not necessarily the best indicator from a practitioner or a product standpoint. But I don't see how you cannot look at CrowdStrike's return to prominence from a financial standpoint after the July 19th incident, and I think that says a lot. I think->> It wasn't an incident, by the way.
Dave Vellante
>> No, it was an incident. It wasn't a security incident, but it certainly was an incident.>> The blue screen of death at the airport with Windows. What?
Dave Vellante
>> CrowdStrike, the strategy seems to be working. The products get high marks. Okay, so that stands out. And just Microsoft is ubiquitous. You just can't ignore Microsoft. Their customers are spending, they have spending momentum, and they have a huge presence in the marketplace, and they're committed, they're monetizing. And then I think I look at companies like Zscaler as interesting. They've really just disrupted the market. I think it's going to be interesting to see how they expand their TAM. And then there's this endless others that I could talk about. But those three, or four, of course Palo Alto, which a lot of people think is the gold standard.>> Well, we're going to have Cisco on.
Dave Vellante
>> Cisco, huge presence as well, coming at it from the network standpoint. They've got a big, big presence there. The Splunk acquisition gives them install base. I'm interested to see from G2 how they're going to modernize that product. But those three or four or five stand out to me. What's your take on this?
Jon Oltsik
>> I look at these companies on three dimensions. So innovation, affinity, and execution. So innovation, are they innovating, keeping up with feature functionality or new products? Affinity, what's their relationship to the security community? Do they get it? And some do and some don't. And then execution, if you look at a CrowdStrike, if you look at a Palo Alto, they've been able to execute corporate-wise, sales-wise, channel-wise, and thus their financial success. So if you look at those three things and you kind of keep those three things in mind when you talk to vendors, you'll find the strengths, you'll find where they're weak.
Dave Vellante
>> It's a great framework. And you think you run Okta through that framework. I was very high on Okta four or five years ago. And they had some real execution missteps. And they were in a position to really be a dominant player and it kind of leveled the playing field there.>> Well, great framework. And I love the financial analysis. But I think one of the shift we're seeing in New York, the Wall Street and stock exchanges, the emphasis on not so much earnings forecasting, but product-led growth. I think the product-led growth trend that we've been talking about on theCUBE will infect into connecting the dots because to your framework and then the financial results. That's where the puck is going from the numbers standpoint. And again, one thing that's jumping out at me in talking to startups is that there is a new vibe, vibe coding, in the spirit of vibe coding, and that is everything modern has to be fast, simple, and easy. And that is efficacy is front and center. Cost certainly is in there, but that's not a big driver. So we're here. We're breaking it down, theCUBE. I'm John Furrier with Dave Vellante, Jon Oltsik, Jackie McGuire, the whole team. We got our SiliconANGLE reporters out there getting all the action, sharing that data out in the open here at Moscone West. Thanks for watching.
Dave Vellante