Summary:
Ahead of RSA Conference, ICR hosted conversations with cybersecurity leaders at Nasdaq MarketSite to discuss the trends expected to shape this year’s event and the industry’s next phase.
Key themes to watch:
- Clear messaging cuts through the noise at a crowded RSA.
- AI is accelerating cyberattacks, compressing timelines for defenders.
- Multi-agent architecture is moving into the enterprise, bringing new governance needs.
- Trusted data foundations are essential to unlocking agentic AI.
RSA Conference kicks off next week and the threat landscape is evolving faster than ever. ICR’s Technology Team recently orchestrated a series of interviews at Nasdaq MarketSite with some of the top minds in cybersecurity to discuss the pressing issues that will dominate conversation for industry leaders in attendance. Senior leaders from Cowbell, Noma Security, AlphaTON, AvePoint and Ryan Flanagan, Managing Director with ICR’s Technology Group discussed their perspectives with TechEdge heading into the show.
When asked what to expect at the world’s largest cybersecurity event, industry experts pointed to emerging trends – namely the nuanced underlying attack surface, the risk and reward of agentic AI, the looming large-scale opportunity of confidential computing, and the critical importance of a trustworthy data foundation and governance.
At RSA Conference and beyond, the companies that will break through are the ones that can articulate not just what they do, but why it matters – to customers, to investors, and to the broader market. The themes of agentic security, AI governance, and sustainable growth aren’t just talking points. They’re the framework around which reputations will be built in 2026.
Read below for highlights from senior industry perspectives:
AI Is Accelerating Attacks — and Defenders Must Respond
Matthieu Chan Tsin, Senior Vice President of Resiliency Services at Cowbell, offered a sobering look at how AI is reshaping the threat landscape heading into RSA Conference. Matthieu pointed to recent research highlighting the first near-fully automated attack chains: roughly 80% AI-driven, spanning reconnaissance, discovery, and exploitation at unprecedented speed. Yet he noted a critical nuance – the underlying stages of an attack haven’t changed. What has changed is the urgency required of defenders.
“I think it’s time to let go of the old SLAs where companies give themselves 30, 60 or 90 days to patch or update systems. We have to act with urgency. On the other end, the very same AI tools used by malicious actors to amplify the strength and speed of attacks are also being adopted by defenders to be much more efficient as well” he said.
Multi-Agent AI Architecture is Coming — and Controls Need to Keep Pace
Niv Braun, Co-Founder and CEO of Noma Security, offered a clear-eyed take on what’s next: “I believe that we’re going to see this multi-agent architecture more and more in the enterprise. It boosts amazing productivity to the organization; we just need to make sure that we have the right controls in place.” The opportunity is real. So is the risk if governance doesn’t scale alongside adoption.
Confidential Computing and AI Infrastructure Are Converging Into a Massive Opportunity
AlphaTON Capital Partner Yury Mitin zoomed out to the infrastructure layer underpinning it all: with data centers for AI projected to grow from a $25 billion industry today to as much as $360 billion by 2030, confidential computing is emerging as a critical trend to watch.
Agentic AI Means Nothing Without a Foundation You Can Trust
Mario Carvajal, Chief Strategy and Marketing Officer of AvePoint, believes agentic security will be one of the main trends to look out for at this year’s RSA Conference: “You will see a lot of companies saying risk around agents is something that must be managed. The other side of it is going to be operationalizing governance. If we can’t operationalize governance and we can’t trust the foundation of our data, then how can we really receive the value of what AI is doing for your business? Organizations who are embedding AI into every layer of their business successfully, must have a data foundation they can trust.”
RSA Conference Is Still the Super Bowl — and Standing Out Requires Discipline
The context from ICR’s Flanagan: “40,000 people come into town for this and more than 500 companies, so it really is an opportunity. Any event of that scale just brings together so much media, so much of the analyst community.” But scale cuts both ways: “There are so many companies, it’s easy for your idea to get lost. You need a succinct story, and you need to practice telling that outside of the four walls of your house.” For public companies especially, Ryan noted the stakes are higher: “You’re talking to a different group of stakeholders as well,” including investors and analysts, not just practitioners.
Ryan also pushed attendees to think beyond the show floor: “Every attendee needs to determine what about their business sets them up for sustainable growth. The security landscape changes at breakneck speed so you need to be ahead of that, not just solving for right now, but solving for the future.”
