Experiencing a cyber attack or security breach? Contact Incident Response Team!

May 12, 2025 Cyber Best Practices

RSA Conference 2025 Recap: Navigating AI, Workforce Dynamics, and Industry Evolution

Karen Sung Chief Marketing Officer
RSA Conference Recap

RSA Conference 2025 is officially in the books — and this one left me feeling… a bit indifferent. You know when you walk into a room full of familiar faces, but everyone’s carrying a little more weight behind their eyes? That was RSA Conference 2025. The same booths, the same buzzwords, even the same after-hours parties and meetups — but beneath it all, there was a quiet shift. It felt less like a flashy industry reunion and more like a pulse check on where we really are. And if I’m being honest? There’s still a strong heartbeat— but maybe there’s just a hint of a slight irregularity.

The dual-edged sword of AI in cybersecurity

AI was the headliner this year again — shocker, I know. But it wasn’t all hype and “evil” AI chatbot answers. Tools like WormGPT are turning up in backchannel convos and session slides, and not in a “maybe someday” way. It’s here, it’s slick, and it’s dangerous. AI isn’t just a tool for the good guys anymore — it’s also fueling the bad actors, arming them with automated phishing and polymorphic malware that’s disturbingly good at bypassing our defenses.

On the brighter side, Cisco rolled out their open-source 8B parameter AI model — a strong step toward transparency and community collaboration. It’s refreshing to see tech giants leaning into open security rather than closed-door black box AI. We need more of that.

Workforce turbulence: The human element in cybersecurity

Conversations with peers revealed a shared sentiment: a sense of instability within organizations. The tech industry’s ongoing layoffs and mergers have left many of my fellow comrades feeling uncertain about their roles and futures. According to TechCrunch, over 22,000 tech workers have faced layoffs in 2025 alone.

This upheaval isn’t just about numbers; it’s about culture — and for me, that’s always been the dealbreaker. In every new role I’ve considered over the years, culture has outweighed compensation, title, or even the tech stack. Why? Because culture is the operating system of a company. And right now, it feels like a lot of orgs are running on outdated firmware — patching over layoffs, mergers, and reorgs without addressing the human cost.

At RSAC, I heard the same thing in hushed conversations and late-night meetups: people feel disconnected, disoriented. Once-tight teams are scattered or stretched thin, and even the high performers are questioning their place. If we don’t prioritize well-being, honest communication, and team cohesion — especially in times of change — we’re going to burn out the very talent we depend on to defend our digital front lines.

Welcoming new entrants at RSA Conference 2025: A surge of fresh perspectives

Despite the challenges, there was a clear silver lining at RSAC 2025: the influx of newcomers — not just fresh grads or engineers making a pivot into security, but also a wave of “trusted advisor” types. Folks from adjacent industries like IT, cloud services, and even compliance consulting — all trying to find their footing in the security space. You could sense they’re asking the right questions: How do I build credibility here? How do I actually help, not just sell?

It’s encouraging, honestly. These aren’t people chasing buzzwords — they’re trying to understand the nuance, the stakes, the buyer psychology. They’re looking to contribute real value in an industry that doesn’t hand out trust easily.

That said, breaking into cyber isn’t easy. It’s dense, political, and full of gray areas — especially if you’re coming in from the outside. That’s where those of us who’ve been around for a while need to step up. Not just as mentors, but as guides. We’ve got to make space at the table, show people how to navigate the landscape, and remind them: credibility in this field is earned, but it can be taught — and shared.

The evolving role of blockchain in identity security

Crypto may not be the belle of the ball anymore, but blockchain showed up in a more grown-up outfit — decentralized identity. The chatter around self-sovereign identity and zero-knowledge proofs actually felt less like a pitch deck and more like real architectural thinking. We’re finally seeing the tech applied to problems that matter: user control, verifiable credentials, and reducing identity sprawl. No hype, just potential.

Cyber Defense Group’s alignment with industry trajectories

At CDG, we’ve been tracking these shifts — not just because they’re trendy, but because they reflect where our clients are headed. Whether it’s helping companies cut through the AI noise, finding real paths for junior talent, or figuring out where blockchain fits into practical security programs — we’re in it. And we’re evolving right alongside you.

Our goal has always been the same: strategic security that supports the business. Not shelfware. Not overkill. Just solid programs that work in the real world.

Looking ahead: Embracing change with resilience

If RSA this year showed us anything, it’s that security is still about people — trying to build trust, navigate uncertainty, and solve hard problems under pressure.

So how are you holding up? What are you seeing in your world? I’d love to hear what resonated for you — let’s keep sharing, learning, and pushing the industry forward. Together.

Take the first step towards cyber resilience.

Get a security assessment today!

Get in Touch