Analyst(s): Fernando Montenegro, Mitch Ashley, Krista Case, Alex Smith
Publication Date: May 6, 2025
What is Covered in this Article:
- Futurum analysts observe that the RSAC Conference rebranded to emphasize “Community” with a record of 44,000+ attendees, transforming itself while being the cornerstone for numerous security community events.
- The Expo Halls featured hundreds of exhibitors, with platform vendors taking center stage. This year, some booths continued to use unorthodox approaches, like live animals, to attract attention.
- Key topical trends included AI with a more measured approach, managing attack surface, and identity and data security as a focal point for cybersecurity strategy.
The Event: Widely recognized as the leading cybersecurity event of the year, capturing the interests of practitioners, vendors, public officials, and investors alike, the now-rebranded RSAC Conference took place last week in San Francisco’s Moscone Center, marking its 34th edition. According to organizers, the event had a new record of over 44,000 attendees, approximately 650 sponsors, and nearly 500 sessions, including keynotes from practitioners, cybersecurity vendors, and public officials. The conference also results in numerous surrounding events.
Among those events, this year’s Innovation Sandbox startup competition marked its 20th edition and crowned startup Project Discovery the winner. Against a backdrop of AI, the company’s offering tackles vulnerabilities at scale.
RSAC Conference 2025 – Evolution, Change, and Yes, Some AI
Analyst Take – Renewed RSAC Mission Goes Primetime: First and foremost, for anyone who may have missed it, the “C” in RSAC is now “Community,” and the conference the security industry has grown to depend upon over the past three decades is now officially the “RSAC Conference”. That renaming is more than subtle; it represents a mission much broader than bringing the security industry together for the largest annual security conferences and online events.
As part of a January 2025 announcement, RSAC Executive Chairman, Dr. Hugh Thompson, described the change in strategy this way; “We’ve been working with the cybersecurity community for the past 18 months to co-design a platform that can be a home for all cybersecurity professionals under the banner of RSAC™…over the coming months we look forward to introducing a global platform built by and for the cybersecurity community…”. Thus, RSAC is reborn to become a global platform for community, connection, and collaboration across cybersecurity professionals and the industry.
RSAC as a global platform was front and center thematically and in the keynotes as “Many Voices. One Community“ at the 2025 RSAC Conference in San Francisco, California. While this transition began more than 18 months prior, the expansion of RSAC’s role couldn’t be more timely. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is undergoing its redefinition of CISA’s core mission, staffing and budget cuts, termination of advisory boards such as the Cyber Safety Review Board, and other program eliminations as CISA refocuses inwardly on the cyberdefence of domestic critical infrastructure and federal networks.
Beyond messaging at the 2025 conference, RSAC launched the new RSAC Labs for cyber research and a new year-round membership platform to connect cybersecurity professionals with the vast resources of talks, presentations, continuing education, and expanded capabilities RSAC has planned.
At launch, the platform offers a cybersecurity AI copilot to navigate RSAC’s resources and content libraries, daily news briefs, and secure chat spaces for members to discuss cybersecurity topics. Over the coming months, Futurum anticipates a cadre of virtual war rooms, breaking cyber news, webcasts, and new forms of online collaboration and communication among the cybersecurity community.
Will the new RSAC fill gaps created by changes at CISA? No, not exactly. Futurum expects RSAC to play a greater role in aiding the private sector and cybersecurity community in taking on some but not all of these gaps, rather than filling many of them. RSAC can elevate communication, collaboration, and relationship-building levels between industry, government, and academia.
The way has been cleared and is open for RSAC and cybersecurity leaders to redesign the next cybersecurity private sector leadership era. Most importantly, the industry must move strategically and quickly to avoid unfulfilling these gaps while cyber defence, resiliency, research, and AI’s impact on the industry march on.
A Premier Venue for Business Conversations
Besides the conference itself, one of the most interesting aspects of the event is that it produces one of this industry’s strongest examples of the economic concept of the network effect—the value of attending increases as more people attend.
This leads to many side events, conversations, meetings, and more for all communities, who find each other quickly. Chenxi Wang, a well-known venture investor, captured this nuance well in a social media comment: “The Four Seasons is for Investors, the W and the St.Regis are for Sales, the Marriott Marquis is for Media, and the Intercontinental is for CISOs.”
By our estimate, there were over 200 receptions, dinners, lunches, … all because the conference attracts enough participants of all stripes to the same spot simultaneously. Indeed, there is something for everyone at the RSAC Conference.
The RSAC Conference Expo Hall remains a key feature of the event, with nearly 600 exhibitors of all sizes. Of note is that the conference has, in recent years, added more options for exhibitors on the path between North and South halls, serving as a continuum between the locations. The Early Stage Expo area has grown in size over the years, with over 60 startups.
Key observations this year about the expo halls are:
- While not the first year this has happened, it’s poignant to note that RSA Security is no longer the first thing one sees when entering the North Hall.
- We continue to see vendors with significant security portfolios and a strong platform-centric message take center stage: Microsoft, Cisco, SentinelOne, Trellix, and others.
- Attracting attention continues to lead to unorthodox approaches. This year, some booths opted to bring in live animals (puppies and goats), leading to further debate about what is appropriate on the floor. Besides that, the usual smattering of magicians, games, arcades, and giveaways makes it consistent with previous years.
In a sense, the expo floor this year was indistinguishable from previous years, which speaks to the promise and challenges of the cybersecurity industry maturing.
From a topic perspective, the key trends that Futurum Group highlighted earlier this year aligned with what we saw on the floor and in conversations.
First and foremost, AI was there, of course, but surprisingly and thankfully in a more measured tone. As we navigate the second full year of the “GenAI” revolution – recall that ChatGPT was announced in November 2022 – it is no surprise that the majority of conversations Futurum analysts had over the week included copious amounts of AI topics.
Notably, we saw an evolution in the conversation – we still see numerous inflated expectations of AI taking on more than it probably can, but there is cause for optimism.
The evolution of the attack surface and how to manage it was also quite present. Interestingly, microsegmentation was more visible this year, picking up the mantle of a viable implementation mechanism for Zero Trust principles. Also, there was interest in finding a way to manage the steady stream of vulnerabilities found each day. An interesting data point is that the winner of this year’s Innovation Sandbox was Project Discovery, which aims to tackle this very issue.
The broader evolution and preference for security platforms were also on full display, with key platform vendors Microsoft, Cisco, CrowdStrike, Fortinet, Google, and SentinelOne having a heavy presence. In addition, other vendors continue to add use cases to their more-focused offerings, be it in Application Security, Cloud Security, Identity and Access Management, or other areas.
Identity and Data Security are at the Core
Part and parcel of the evolution of cybersecurity into a more strategic consideration for organizations—and something evident at the RSAC Conference this year—is a renewed interest in data and identity topics.
To us, data and identity security are linchpins facilitating resilience against cyberattacks, and they are increasingly converging. Identity is now widely recognized as a key attack vector and perimeter to shore up. But attackers are after the data. The Futurum Group’s 1H25 Cybersecurity Decision Maker IQ data revealed that 80% of organizations experienced at least one meaningful cyber-incident over the last 12 months, with data loss and compromise being the most frequently reported consequences of the security incident.
On the identity side, core capabilities, including access control, privilege management, governance, and auditing and monitoring, are increasingly converging to facilitate contextualized, risk-based, just-in-time access. This platformization of identity security becomes critical to preventing critical evolving attack vectors, such as identity spoofing, which is materially upleveled by malicious use of AI. The other component of the conversation that was top-of-mind at RSAC 2025 is the race to secure the exponentially increasing number of non-human identities.
The steady advent of AI agents throws a critical wrinkle into this conversation. Businesses will rely on them increasingly, and it is difficult to secure them for several reasons, including the fact that their actions are unpredictable, it is difficult to discern their intent, and they will operate at machine scale. Moving forward, their ongoing authentication, authorization, privileged access management, and governance will be essential to solve.
As another critical component of cyber-resilience, data access is becoming increasingly identity-driven and policy-enforced, for example, by embracing zero-trust architectures and policies of least privileged access. Conversations at RSAC 2025 underscored how data classification, data protection, and access governance increasingly need to converge to mitigate externally driven credential abuse and insider risk, especially as data proliferates across multi-hybrid cloud environments.
What to Watch:
- How will the continued evolution of the RSAC entity—both the year-round engagement and future editions of the Conference—fare in light of how cybersecurity professionals continue to navigate the noisy environment of topics to address, practices to follow, and vendor offerings to pick? Can RSAC continue to grow its role as the nexus for cybersecurity industry conversations?
- Does the conference’s popularity effectively demonstrate the power of in-person events moving forward, or is it RSAC-specific? Upcoming events include InfoSecurity Europe in June, Black Hat USA and surrounding events in August, and ISC2 Security Congress in October, to name just a few, and watching participation at those will be important for field marketing teams making their 2026 plans already.
- From a trends angle, how will the AI conversation evolve? How are security teams navigating the dual role of securing AI initiatives in their organizations while consuming AI in their workflows?
- Numerous other security areas—software supply chain security, third-party risk management, application/cloud security, security operations, data protection, and more—were on display with their own announcements. How will they evolve in terms of practitioner priorities in the coming year?
The conference’s closing press release is available here.
Disclosure: Futurum is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of Futurum as a whole.
Other insights from Futurum:
RSAC Session: Software Supply Chain Security, AI, and Regulation, RSAC 2025
Futurum Research 2025 Key Issues & Predictions
RSA Conference Innovation Sandbox Announces 2025 Finalists
Author Information
Fernando Montenegro serves as the Vice President & Practice Lead for Cybersecurity at The Futurum Group. In this role, he leads the development and execution of the Cybersecurity research agenda, working closely with the team to drive the practice's growth. His research focuses on addressing critical topics in modern cybersecurity. These include the multifaceted role of AI in cybersecurity, strategies for managing an ever-expanding attack surface, and the evolution of cybersecurity architectures toward more platform-oriented solutions.
Before joining The Futurum Group, Fernando held senior industry analyst roles at Omdia, S&P Global, and 451 Research. His career also includes diverse roles in customer support, security, IT operations, professional services, and sales engineering. He has worked with pioneering Internet Service Providers, established security vendors, and startups across North and South America.
Fernando holds a Bachelor’s degree in Computer Science from Universidade Federal do Rio Grande do Sul in Brazil and various industry certifications. Although he is originally from Brazil, he has been based in Toronto, Canada, for many years.
Mitch Ashley is VP and Practice Lead of DevOps and Application Development for The Futurum Group. Mitch has over 30+ years of experience as an entrepreneur, industry analyst, product development, and IT leader, with expertise in software engineering, cybersecurity, DevOps, DevSecOps, cloud, and AI. As an entrepreneur, CTO, CIO, and head of engineering, Mitch led the creation of award-winning cybersecurity products utilized in the private and public sectors, including the U.S. Department of Defense and all military branches. Mitch also led managed PKI services for broadband, Wi-Fi, IoT, energy management and 5G industries, product certification test labs, an online SaaS (93m transactions annually), and the development of video-on-demand and Internet cable services, and a national broadband network.
Mitch shares his experiences as an analyst, keynote and conference speaker, panelist, host, moderator, and expert interviewer discussing CIO/CTO leadership, product and software development, DevOps, DevSecOps, containerization, container orchestration, AI/ML/GenAI, platform engineering, SRE, and cybersecurity. He publishes his research on FuturumGroup.com and TechstrongResearch.com/resources. He hosts multiple award-winning video and podcast series, including DevOps Unbound, CISO Talk, and Techstrong Gang.
With a focus on data security, protection, and management, Krista has a particular focus on how these strategies play out in multi-cloud environments. She brings approximately 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.
Prior to joining The Futurum Group, Krista led the data protection practice for Evaluator Group and the data center practice of analyst firm Technology Business Research. She also created articles, product analyses, and blogs on all things storage and data protection and management for analyst firm Storage Switzerland and led market intelligence initiatives for media company TechTarget.
Alex is Vice President & Practice Lead, Channels & Go-to-Market at the Futurum Group. He is responsible for establishing and maintaining the Channels Research program as part of the overall Futurum GTM and Channels Practice. This includes overseeing the channel data rollout in the Futurum Intelligence Platform, primary research activities such as research boards and surveys, delivering thought-leading research reports, and advising clients on their indirect go-to-market strategies. Alex also supports the overall operations of the Futurum Research Business Unit, including P&L segmentation, sales and marketing alignment, and budget planning.
Prior to joining Futurum, Alex was VP of Channels & Enterprise Research at Canalys where he led a multi-million dollar research organization with more than 20 analysts. He played an integral role in helping the Canalys research organization migrate into Omdia after having been acquired in 2023. He is an accomplished research leader, as well as an expert in indirect go-to-market strategies. He has delivered numerous keynotes at partner-facing conferences.
Alex is based in Portland, Oregon, but has lived in numerous places, including California, Canada, Saudi Arabia, Thailand, and the UK. He has a Bachelor in Commerce and Finance Major from Dalhousie University, Halifax Canada.
