In this interview from RSAC 2026, Roger Grimes, chief information security officer advisor at KnowBe4, joins theCUBE's Christophe Bertrand to discuss how AI is simultaneously expanding the attack surface and supercharging the defense toolkit in human risk management. Grimes introduces KnowBe4's evolving framework — from traditional security awareness training to what the company now calls "workforce trust management" — which extends protection beyond individuals to encompass the AI agents acting on their behalf. He explains why AI-enabled scams are surging in impact, citing data showing they generate 4.5 times more value for attackers than non-AI scams, and outlines two distinct threat categories: attacks launched from AI, such as deepfakes impersonating executives, and attacks directed at AI systems through context poisoning and data manipulation.

The conversation explores how KnowBe4 is deploying its own AI orchestrator — spanning 12 agents — to automate and hyper-personalize simulated phishing campaigns at scale. Grimes shares early data showing that AI-managed programs reduce security risk three times more effectively than human administrators running the same function, largely because the AI consistently escalates phishing difficulty rather than settling into static templates. He also details how the platform now enables organizations to generate deepfake video simulations of their own executives as part of live phishing exercises, turning emerging threat techniques into training tools. From redefining the security admin's role as a strategic engineer to building a culture of real-time nudges that guide better AI usage decisions, Grimes provides a data-driven roadmap for organizations navigating the increasingly complex intersection of human behavior and agentic AI risk.

In this interview from RSAC 2026 in San Francisco, Jim Shook, director of cybersecurity and compliance practice at Dell Technologies, joins Rob Emsley, director of cyber resilience marketing at Dell Technologies, to talk with theCUBE Research's Christophe Bertrand about why securing AI infrastructure demands the same resilience foundations enterprises have long applied to traditional workloads. Dell timed three announcements to the conference's opening day, spanning quantum-ready PC capabilities, PowerProtect Data Manager enhancements with a new entry-level Data Domain appliance, and managed detection and response expansion to PowerScale. Shook underscores that threat actors will inevitably target AI factories and training pipelines, yet most organizations have yet to back up their AI environments — a gap Dell aims to close by treating resilience as a design principle across the full stack.

The conversation also touches on how AI is being embedded into PowerProtect Data Manager itself — through a unified dashboard and AI-assisted troubleshooting — to help administrators manage increasingly complex environments. Emsley details the expansion of anomaly detection from backup copies to PowerStore storage snapshots, moving threat visibility higher in the data center stack. A Palladium Hotel Group case study illustrates the cross-segment reach of Dell's portfolio: the European luxury hotel chain deployed software-defined PowerProtect appliances across 40 locations to orchestrate backup, recovery and compliance under GDPR. Shook weighs in on the regulatory uncertainty surrounding agentic AI, noting that while governments oscillate on policy, the underlying risk remains constant. Emsley closes with findings from Dell's new Cyber Resilience Insights research, warning that overconfidence in recovery readiness remains one of the most overlooked vulnerabilities organizations face as they race to deploy AI.

In this interview from RSAC 2026, Sumit Dhawan, chief executive officer of Proofpoint, joins theCUBE's Dave Vellante to discuss how AI is extending the human attack surface and why intent-driven guardrails are the new imperative for enterprise security. Dhawan details the acquisition of Acuvity and the rapid launch of Proofpoint AI Security, a platform designed to protect AI agents from prompt-based exploitation the same way Proofpoint has long defended humans from social engineering. He explains why traditional semantic analysis falls short and how an ensemble of specialized language models detects malicious intent across trillions of messages.

The conversation also explores Proofpoint's approach to token economics, where Dhawan advocates for prioritizing adoption and experimentation over premature ROI measurement — encouraging employees across engineering, sales and support to embrace AI without restrictions. He unpacks why the "SaaS apocalypse" narrative unfairly paints all software companies with the same brush, arguing that cybersecurity providers with proprietary data and continuous threat intelligence enjoy a compounding network effect that widens their competitive moat over time. Dhawan also outlines his framework for enterprise security consolidation, identifying five emerging platform categories — endpoint and XDR, SOC automation, identity, network and SASE, and human plus AI behavior — where organizations are converging on fewer strategic partners rather than chasing a single-provider model. From defending against multi-step prompt attacks to redefining how enterprises structure their security stacks for the agentic era, he provides a practical roadmap for balancing rapid AI adoption with the guardrails needed to keep both humans and machines in check.

Prashant Prahlad of Capital One Software, senior vice president and head of product, discusses data-centric security tokenization and platform strategy at RSAC 2026. Prahlad outlines Capital One Software's evolution from in-house tools to commercial products such as Slingshot and Databolt. They bring deep experience in cloud-native architecture data management and security and describe tokenization for structured and unstructured data dark data discovery cost-effective scanning and guidance for customers modernizing data stacks for enterprise artificial intelligence.

Prahlad states that proprietary data is the long-term differentiator for AI and that safe tokenization unlocks downstream analytics without exposing personally identifiable information. They emphasize vaultless post-quantum-tested tokenization platform capabilities such as lineage classification and optimization and pragmatic cloud and on-premises deployment models. Analysts underscore the business value of data modernization secure data sharing and treating data as a durable asset amid rapid AI change. The interview features hosts Dave Vellante Christophe Bertrand and Jon Oltsik.

In this interview from RSAC 2026, Nico Waisman, chief information and security officer of XBOW, joins theCUBE's Dave Vellante and John Oltsik to discuss how autonomous AI pen testing is closing the widening gap between vulnerability discovery and exploitation. Waisman explains how XBOW deploys swarms of AI agents to autonomously attack web applications, using a validator architecture that dramatically reduces false positives. The company proved its approach by reaching number one on the HackerOne leaderboard, outperforming human security researchers at finding zero-day vulnerabilities in production environments. With vibe coding accelerating code output faster than teams can secure it, Waisman argues that only AI-driven offensive testing can match the pace of modern software delivery.

The conversation also explores XBOW's model-agnostic architecture, which allows the platform to swap foundation models on a per-task basis — using different models for discovery, attack and safety validation. Waisman details the company's roadmap toward continuous testing integrated directly into CI/CD pipelines by mid-2026, enabling penetration tests on every code delta rather than periodic assessments. A recently announced partnership with Microsoft connects XBOW's offensive findings to attack surface management and SOC workflows, creating a closed-loop system where discovered vulnerabilities automatically trigger incident detection. Founded by Oege de Moor, the creator of GitHub Copilot, XBOW has spent two years building enterprise-grade capabilities while foundation models have rapidly matured around it. From the expanding trust risks introduced by MCP and autonomous agents to the governance frameworks CISOs need as every company becomes an engineering company, Waisman provides a practical roadmap for staying ahead of adversaries operating at machine speed.