And just like that, another RSAC is in the books! Over 40,000 industry professionals gathered in San Francisco for the biggest annual cybersecurity event of the year, the RSA conference. The energy was electric, as always, from showcasing new product innovations to highlighting timely research and mingling with customers and prospects. In addition to the 60 thousand steps, 10 iced coffees and 5 stress balls, I walked away with interesting takeaways from both a cybersecurity and PR/marketing perspective.
What’s all the buzz about?
Many reporters gave great overviews on what the biggest vendor news/trends were from the event. Rather than recite everything from the professionals, see below for my perspective on trends that I believe will drive the news cycle moving forward.
Agentic AI & its use cases:
Two years ago, when I last attended the event, generative AI was gaining momentum but still talked about in mostly conceptual terms. Fast forward to 2025, and agentic AI use cases are everywhere. As James Rundle aptly put it, “you can’t swing a cat [at RSA] without hitting an artificial intelligence agent.” We’ve hit the implementation boom — but in many cases, with minimal safeguards. One major concern is identity management. As SailPoint CEO Mark McClain pointed out, “AI agents must be treated in a category of their own.” Too often, they’re lumped in with machine identities. But agentic AI mimics human behavior, while machines just execute fixed tasks, they need different guardrails. I suspect many questions to follow around how enterprises should govern, authenticate, and ultimately trust these agents at scale.
Data visibility & intelligence:
We live in a data-driven world, generating over 400 million terabytes every single day. But even with all this data, organizations still struggle to turn it into actionable insight. Automation alone can’t do the heavy lifting. If data isn’t high quality, if teams lack visibility, or if insights aren’t accessible, then even the best tools fall short. Enterprises are faced with unprecedented volumes of data, yet keeping up with monitoring and analysis is harder than ever. More tech. More data. But is any of it actually usable? Across the show floor and in conversations, one theme kept coming up: the need to move from reactive data handling to proactive intelligence. Security teams are grappling with unifying fragmented data environments and reducing noise to enable faster, more confident decision-making. Visibility isn’t enough, the real differentiator will be context.
Nation-State Threats & Geopolitical Tension:
In the lead-up to RSAC, the federal cybersecurity space saw no shortage of turbulence, nation-state attacks surged, while internal disruptions like layoffs at CISA, FEDRAMP restructuring, and political backlash against figures like Chris Krebs sent shockwaves through the industry. The result? A noticeably quieter government presence at the conference. Regulatory discussions were minimal, and many officials from agencies like CISA and the NSA were largely absent. As Politico’s Maggie Miller and Dana Nickel pointed out, this year’s RSAC felt different, more muted on the federal front. That said, nation-state threats were still a major topic. But rather than broader policy or structural response, the focus shifted to specific threat actors and attack tactics.
Marketing Trends
Every year, companies try to outdo themselves, and more importantly competitors, with eye-catching booths to drive foot traffic and spark conversation. From adoptable puppies and life-size video games to monster trucks, there was no shortage of overstimulation from colorful visuals and over-the-top displays. Custom hats were also everywhere this year, but it’s fair to wonder—how many will actually be worn after the conference? The best swag isn’t just memorable; it aligns with the brand story and sticks around long after the event wraps. The vendors that stood out the most correlated their creative execution with company messaging. While attention is great, engagement is the real goal.
Creative swag: Let’s be honest: most conference swag ends up forgotten in a drawer. But this year, a few giveaways managed to break through the noise—not just by being flashy, but by being functional and on-brand. Varonis stood out with a smart, subtle tactic: they left door hanger notes on hotel rooms booked through an RSAC room block, each with an AirTag holder attached. Bring it to their booth, and you’d get a free AirTag—while supplies lasted. It was simple, useful, and tied directly to their core value prop: visibility and control. Just like knowing where your keys are, Varonis wants you to always know where your data is.
Interactive booths: I’d be lying if I said the adoptable puppies weren’t my favorite booth, but Tufin did an excellent job connecting fun with knowledge. They brought in my new favorite magician, Danny Orleans, who seamlessly wove in company differentiators and messaging into a short, engaging performance. I didn’t walk away with the big prize (still a little salty), but I did leave with a magic trick and a clearer understanding of what Tufin is all about.
Punchy phrasing: Illumio took the cake for most clever slogan with their “Finding Bad Actors Faster Than the Hallmark Channel” merch. Beyond the creative tagline, they nailed the balance between humor and message as it directly ties back to what they do: microsegmentation and breach containment. It didn’t just grab attention, it reinforced the brand in a low-effort, high-impact way.
Ready for 2026?
Whether you were in San Frrancisco or followed the headlines from afar, the marketing and industry trends from RSAC 2025 will surely impact the cybersecurity sector in the months ahead. Curious how the Matter team can help you tap into these insights? We’d love to connect—reach out below and let’s chat.