Jon Oltsik of theCUBE Research, principal analyst in residence, joins host Dave Vellante of SiliconANGLE to recap day one at RSAC 2026. Oltsik discusses the conference focus on artificial intelligence and autonomous agents, rising unknown unknowns, automated penetration testing, and the practical challenges organizations face integrating AI safely while maintaining security culture and operational readiness. They emphasize the need for enterprise resilience and pragmatic approaches to governance and risk management.
Oltsik highlights key takeaways for security leaders and practitioners. They state that strong enterprise-wide governance is essential. They advise that policies, controls and monitoring form the foundational first principles. They warn organizations to prepare for rapid AI-driven change and to scale defensive use of AI. Analysts note that vendor platforms offer capability, but effectiveness depends on tuning, testing and aligning security with business priorities to mitigate emergent risks. The discussion also addresses threats such as phishing and autonomous agent misuse, and provides factors to consider when adopting automated testing and governance frameworks.
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSAC 2026 Conference. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open the link to automatically sign into the site.
Register for RSAC 2026 Conference
Please fill out the information below. You will receive an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for RSAC 2026 Conference.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSAC 2026 Conference. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open the link to automatically sign into the site.
Sign in to gain access to RSAC 2026 Conference
Please sign in with LinkedIn to continue to RSAC 2026 Conference. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
theCUBE Insights
This video provides a Day 1 recap from the RSA Conference 2026, RSAC 2026, examining risks from artificial intelligence, agent-driven threats and the implications for enterprise security and security governance. The discussion addresses automated penetration testing, AI-powered phishing and strategies for scaling detection and response to evolving cyber threats.
Jon Oltsik of theCUBE Research provides analysis and historical perspective. Oltsik characterizes current industry sentiment as heightened tension with more unknowns than before. They examine how rapid AI development reshapes enterprise security priorities and increases the need for robust governance and controls.
Key takeaways emphasize enterprise-wide governance, policies and controls to detect and limit unapproved AI initiatives. Oltsik outlines three customer postures—proactive, paranoid and complacent—and warns that human behavior often undermines controls. Dave Vellante of SiliconANGLE Media highlights the rise of more convincing AI-powered phishing and recommends that Chief Information Security Officer, CISO, teams consider leveraging AI defensively to scale detection and response.
Subscribe for continued RSAC 2026 coverage and practical cybersecurity insights.
Jon Oltsik of theCUBE Research, principal analyst in residence, joins host Dave Vellante of SiliconANGLE to recap day one at RSAC 2026. Oltsik discusses the conference focus on artificial intelligence and autonomous agents, rising unknown unknowns, automated penetration testing, and the practical challenges organizations face integrating AI safely while maintaining security culture and operational readiness. They emphasize the need for enterprise resilience and pragmatic approaches to governance and risk management.
Oltsik highlights key takeaways fo...Read more
exploreKeep Exploring
What have you been hearing at the conference about AI and security — does it match your expectations, and is the level of concern higher than you've seen before?add
How should an organization make the business resilient and able to react quickly to unknown unknowns (for example through governance, policies, controls, skills, and partnerships)?add
How is AI changing phishing and other cyber threats, and how should CISOs respond (e.g., use AI for defense and automation)?add
>> Hi, everybody. Welcome back to Moscone West. We're here in San Francisco at RSAC 2026. Wrapping up day one, theCUBE's continuous coverage. We'll be here Monday, Tuesday, Wednesday, and all day Thursday wall-to-wall coverage here. I'm with Jon Oltsik. And Jon, it's a pleasure having you here and it was great working with you prior to RSAC to break down the preview of the conference. You wrote a great preview. I picked up on that and we doubled down on it, so thank you.
Jon Oltsik
>> Oh, you're welcome. It was fun talking to you back in Boston and it's great talking to you here too, Dave.
Dave Vellante
>> Yeah. So, we talked about the ironic theme of the power of community. And of course this is all about community, but as you pointed out in your piece, all the talk is going to be about AI and agents. We just had a really interesting conversation about automated pen testing, but you've been able to walk around the conference early. I know day one, I think the exhibit floor is just opening right now.
Jon Oltsik
>> Yes.
Dave Vellante
>> But of course, you have a lot of contacts here. I'm sure this is like your Super Bowl of the industry. What have you been hearing so far? Does it match your expectations? The good, the bad, and the ugly?
Jon Oltsik
>> It's interesting, Dave, because security's a little bit of an ambulance-chasing activity, right?
Dave Vellante
>> Yeah.
Jon Oltsik
>> So, for your uncertainty and doubt, you scare people with, "Oh, the bad guys are doing this. Here are the threats." People are legitimately scared. And I'll emphasize legitimately right now because AI development is happening very, very quickly. There are a lot of elements to AI development that we're just learning about or that are in development themselves. And we really don't understand the security implications and how to defend ourselves yet. So, every meeting I had, there was that theme of, "This is coming," or, "It's here and this is what we think we should do, but we're not sure yet." And so, we're a little bit of spitballing right now, but it's important that you spitball and you do things in the right way because it's coming and it ain't stopping.
Dave Vellante
>> Interesting. I mean, you've got a historical perspective on this industry. And so, would you say the, I'll call it the fear meter, not the paranoia, because this industry's always paranoid, but is the fear meter higher than you've ever seen before? I think about the known unknowns and the unknown unknowns. It feels like you're saying there's a lot of unknown unknowns and that maybe is what's driving the fears. And is this the highest tension you've ever seen?
Jon Oltsik
>> Yes. So, it's not fear of the bad guys are going to do unique things. There's some evidence to that, but it's research. It's not really there. It's more like, "Holy cow, our organization is going to do, and is doing these things already. How do we know what they're doing? How do we get our arms around that? Are historical ways of governing the enterprise adequate? What new controls do we need?" So, there's a lot of questions and more questions and answers right now.
Dave Vellante
>> I mean, historically, in the tech industry, security hasn't been able to stop... I want to say this, I'm going to say it the wrong way, but it hasn't stopped the innovation. It's like damn the torpedoes. We certainly saw that with cloud. We saw that with big data. We saw that with mobile. The innovation went ahead and security had to catch up. My fear is if that model applies now, worse things could happen than happened previously. Do you not have that same worry?
Jon Oltsik
>> No, I do. That's exactly what I'm saying is if you think of the curve of business innovation, along with IT, I think it moves at a faster pace than security. Security's always catching up. Now, a good CISO will anticipate that, but there's just so many changes happening and a lot of it we're on the learning curve still of. So, that's really where I see it is I think everything you said is accurate, but the other thing you said is there are a lot more unknown unknowns and they're happening very quickly.
Dave Vellante
>> So, go back to first principles. What is the first principle there? It's hard to anticipate unknown unknowns, so you have to obviously have to react quickly. You have to have an organization that is able to react quickly. What are the principles of that reaction? Is it having... is it skillsets? Is it partners? How should I make my business resilient, not in a cyber resilience way, but I mean in terms of being able to respond to those unknown unknowns? What are the keys?
Jon Oltsik
>> It starts with strong governance and that governance has to be enterprise-wide. The CISO doesn't own governance, but he or she contributes to it, but the business has to buy in. And from governance, you build policies and from policies you build controls and you have to monitor things. So, if you start in that context, then at least you have a framework for control. So, things shouldn't be happening that you're unaware of. They will, but you want to minimize that. Start there and then you'll learn about some of the risks that you have that you didn't understand, some of the controls you need to mitigate those risks, but it does start with really sound and firm governance across the organization.
Dave Vellante
>> I always say bad human behavior beats good security and governance every time. So, this gets to my mind anyway, it's got to be cultural. It's got to be ingrained, and are organizations prepared for that?
Jon Oltsik
>> Some are. So, I said this in a meeting today. I'm seeing three types of customers here. The proactive customer, "This is happening. I need to learn about it and if I'm the CISO, I've got my architect here, I've got my engineer here, and we're immediately thinking about learning about what we need to address." Then, you've got the paranoid person like, "I know this is coming and I really don't know what to do, but I want to do something."And then, the third one is, "Ah, this doesn't affect me," or, "I'm covered. I've got a security infrastructure." And that company is at risk.
Dave Vellante
>> I'm laughing because I'm reminded several years ago, one of our sales folks said, "I'm not really worried. I'm not a target."
Jon Oltsik
>> There's always people saying that.
Dave Vellante
>> We're all targets, right?
Jon Oltsik
>> Yes. And we're targets for agents now, not just bad guys at the other end of a keyboard.
Dave Vellante
>> Well, and you're seeing, obviously, far superior phishing. I mean, the emails are much, much better, but I catch myself every now... And I'm a super paranoid person. I won't click on links, but I catch myself every now and then have to stare at it. I don't know if you have that experience, but you clearly see much better written phishing emails.
Jon Oltsik
>> Yes.
Dave Vellante
>> And I feel for the aunt or uncle or grandparent that feels like their child is in trouble and they're ready to send money. And it's happening now at massive scale, as we've never seen before.
Jon Oltsik
>> Yes. And there is some logic to the theory that to combat AI, you need AI. You need AI to scale, you need AI to learn. You need AI to train your people. And that's the encouraging thing right now is it's not all, like I said, it's not all ambulance chasing. You should be concerned if you're a CISO, but you should also be thinking, how can I use this to my benefit? I mean, the business guys will think, how do I cut costs? How do I automate processes? How do I drive revenue? As a CISO, you should be thinking, "How do I automate my processes? How do I scale my organization?" Things like that.
Dave Vellante
>> I got to ask you a couple of technology vendor questions. So, two years ago, Nir Zuk was on this set and he said, "Everything's changed. Used to be we could stop 99% of the attacks, humans could handle the other 1%. Generative AI changes that. We have to now completely rethink security. It's a do over. That's why we've re-architected everything," et cetera, et cetera, et cetera. CrowdStrike's another one said, "Basically, we were built for this era. We've always been deep into AI, so we're ready." "Stop the breach," is kind of their mantra. What's the reality in terms of the industry, its ability to stop, respond, react, protect? What's the truth?
Jon Oltsik
>> I think the industry's in good shape. The platforms are really interesting. I think it's logical for some organizations, and you and I have talked about this. It's illogical for others because ultimately security is only as good as it aligns with your business. And if I'm in healthcare and you're in financial services, our businesses are different and you can't expect the vendors to get to that level. And that's where the humans do come into play. But the industry's pretty good, but the bad guys are good too. And one other thing there is you could buy CrowdStrike, Palo Alto, whomever. Your efficacy is a function of how you use that technology. Do you tune it? Have you installed it right? Do you have the right data feeds? Are you testing it appropriately? Those are the wild cards here. So, you can't just say good or bad, effective or not. A lot of it's the use case.
Dave Vellante
>> It's bromide, but it always does come down to people, process and technology.
Jon Oltsik
>> Of course it is.
Dave Vellante
>> Technology in and of itself. We're super tight on time. We've got to run. Jon, thank you.
Jon Oltsik
>> You're welcome, Dave.
Dave Vellante
>> Appreciate the wrap-up. Look forward to hearing more this week as you are-
Jon Oltsik
>> We'll be here all week....
Dave Vellante
>> out and about, digging for all the insights and the nuggets. So, thank you.
Jon Oltsik
>> You're welcome.
Dave Vellante
>> Okay. That's a wrap on day one here at RSAC 2026, theCUBE. Everything will be on theCUBE.net. Go to siliconangle.com for all the news and thecuberesearch.com for all the deep research. This is Dave Vellante for Jon Oltsik. We'll see you tomorrow.
