The RSAC™ 2025 Conference, held from April 28 to May 1 at San Francisco’s Moscone Center, was packed with over 450 sessions tackling the most pressing issues in cybersecurity.

As an attendee, I was pleased by the depth and relevance of the discussions. In reflecting, I centered primarily on four sessions that stood out for their focus on critical topics I was curious to learn more about: online safety for kids, identity management in a Software-as-a-Service (SaaS)-driven world, countering China’s Typhoon threats to U.S. critical infrastructure, and the future of tech policy.

Below, I provide a brief look at these sessions, along with some insights from the expo floor, where companies like Splunk, RSA, Proofpoint, and Govern 365 showed off solutions aligned with these themes.


Session 1: Online safety and kids, protecting the next generation 

The session on “Online Safety and Kids” was a broad but disconcerting exploration of the digital risks facing children in 2025. Moderated by Robert McMillan of the Wall Street Journal, with guest Sandra Joyce of Google, it focused on the growing threats of cyberbullying, grooming, and exposure to inappropriate content. With kids spending more time online, often on platforms lacking robust safety controls, Robert and Sandra emphasized the need for proactive education and technology solutions. 

One key takeaway was the role of behavioral artificial intelligence (AI) in detecting predatory behavior. One of the other speakers this week spoke about how AI-driven tools, like those demoed by Proofpoint, can drive a more human-centric threat detection approach and flag suspicious interactions in real time.  

The session also stressed parental controls and digital literacy programs, citing initiatives like RSAC’s internet safety education for consumers. I was reminded how simple measures such as an internet “secret word” could provide such simple front-line protection against personal attacks, extortion, etc. 

At the expo, I visited Proofpoint’s booth, where their theater presentations highlighted solutions for protecting end-user accounts from account takeovers (ATOs), a tactic often used to target vulnerable users like kids. This session left me optimistic about the industry’s commitment to safeguarding younger generations but underscored the need for scalable, affordable tools to reach underserved communities. 

Session 2: Identity management, the last bastion in a SaaS world

The session “Identity Management as the Last Bastion Security Control in a SaaS World” examined how identity has become the cornerstone of security as organizations shift to cloud and SaaS environments. Led by Aaron Turner of IANS Research, it argued that traditional perimeter defenses are obsolete, making identity the critical control point for preventing breaches.

Aaron outlined how attackers exploit misconfigured SaaS apps and non-human identities (e.g., Application Programming Interface (API) keys) to gain access. His recommended direction was to reduce the number of identity management providers, ideally to one. On the show floor, a memorable demo showed how a compromised service account in a SaaS platform could enable lateral movement across a multi-cloud environment.

The solution, of course, is strong identity governance and zero-trust architecture. RSA echoed this at their booth with a passwordless authentication platform integrated with Microsoft Entra ID to secure hybrid environments. Their session, led by Chief Information Security Officer (CISO) Rob Hughes, detailed NIST guidance for evaluating authentication assurance levels.

This session was a reminder about the complexity of managing identities in a SaaS world. The emphasis on real-time, bidirectional identity verification demonstrated by RSA’s new capabilities aligned with the expo’s focus on innovation. I left with a deeper appreciation for identity as the linchpin of modern security strategies. 

Session 3: Countering China’s Typhoon threats on U.S. critical infrastructure

The “Countering China’s Typhoon Threats on U.S. Critical Infrastructure” session was a chilling look at nation-state cyberattacks, focusing on China-backed actors like Volt Typhoon. Featuring leaders from Cisco, the FBI, and Datev, it explored how these actors are “burrowing” into critical infrastructure (energy, water, and telecoms) to weaken U.S. defenses for potential future conflicts.

A key discussion centered on National Security Memorandum-22, which aims to enhance cross-sectoral risk identification and intelligence sharing. A case study highlighted a Volt Typhoon attack that exploited unpatched vulnerabilities in a water treatment facility’s SCADA system, underscoring the need for “secure by design” principles. The speakers discussed the importance of public-private partnerships and the need for fast action to modernize our approach. Splunk’s role in powering Security Operations Centers (SOCs) with real-time threat detection was interesting. At Splunk’s booth, I saw demos of their federated data approach, which aligns with the session’s call for visibility across decentralized systems. 

This session reminded me of cybersecurity’s geopolitical stakes. The urgency of protecting critical infrastructure and actionable strategies like those from CISA left me hopeful but vigilant about the road ahead. 

Session 4: The future of tech policy, navigating a complex landscape

The session on “The Future of Tech Policy” brought together two leaders in governmental security initiatives of the last decade or more, General Paul Nakasone and Chris Krebs, who discussed how regulations will shape the evolution of cybersecurity. With Ted Schlein moderating, the team tackled topics like AI governance, data privacy, and international cooperation. A key focus was the stark reality that Chinese attacks are up 150% year over year, with a 50% increase in those targeted toward the U.S.

The speakers debated the balance between innovation and regulation, citing the EU’s AI Act as a model but warning of its potential to stifle smaller players. A memorable moment was a discussion on ransomware, with a CISA representative noting that global cybercrime costs could hit $10 trillion by 2026.  

The panelists were also adamant that the US move faster and go on the counteroffensive. The defensive posture does not provide enough focus for a complete protection strategy. The session also highlighted the need for harmonized standards, with companies like Cisco advocating for unified security policies across their Security Cloud Control platform. 

At the expo, Govern 365 showcased compliance solutions for Microsoft 365, aligning with the session’s emphasis on regulatory adherence. This session reminded me to think about cybersecurity as both a technical challenge and a policy-driven ecosystem requiring global collaboration.

Connecting the dots 

These four sessions, while diverse, shared a common thread: the need for proactive, collaborative, and human-centric approaches to cybersecurity. From protecting kids online to securing critical infrastructure, the discussions underscored that technology alone is insufficient; education, policy, and partnerships are equally vital. The expo floor further supported this, with various vendors offering solutions that bridge technical and human elements. 

RSAC™ 2025 was a good reminder that cybersecurity is a shared responsibility. These sessions gave me practical insights to apply in my work, from strengthening identity controls to advocating for better online safety policies.  

As I reflect on my time at the Moscone Center, I am still concerned that as a society, we take a more passive, defensive approach to cybersecurity and would like to see more offensive postures explored to slow down adversaries who mean to cause malicious harm. The conference’s focus was clear, and it was evident that all attending contributed to the “One Community” vision that RSAC champions. 

If you’d like to discuss RSAC 2025 and my key takeaways in more depth, please drop me an email at [email protected]. 
