RSAC 2025 in San Francisco last week felt like a turning point. It wasn’t just that with over 44,000 attendees, 650 exhibitors, and the industry’s biggest names in attendance, sessions and the exhibit hall were packed as the pandemic fades further into memory. I’m referring more to how the show captured the tension between urgency and innovation that defines cybersecurity today across startups, global enterprises, and government.
While the interest in new technology was as high as ever, a few new and pivotal themes rose to the top from what I saw and heard across keynotes, panels, and show floor discussions, highlighting the challenges and the opportunities ahead. My main takeaways include:
One of the defining undercurrents of this year’s conference was the growing politicization of cybersecurity. In back-to-back keynote moments, we saw both unity and division on full display.
Former CISA Director Chris Krebs delivered a passionate plea to the industry to “keep up the good fight,” warning of the escalating threats facing critical infrastructure and urging collaboration across sectors to stay ahead of bad actors. His words carried weight, especially as new and increasingly AI-powered attacks test the resilience of our systems and institutions.
At the same time, Homeland Security Secretary Kristi Noem took the stage to challenge the current direction of the Department of Homeland Security’s cyber strategy – calling for a rollback of CISA’s authority and a broader “reset” of U.S. federal cybersecurity priorities. Her keynote sparked strong reaction and underscored the rising debate around who should lead the cyber charge – and how far their reach should go.
That debate is already having tangible effects. Conversations throughout the week pointed to the impact of DOGE (Department of Government Efficiency) initiatives, which are starting to hit home across federal agencies. Staff reductions at GSA, the slowing of contract cycles, and the defunding of critical programs like MITRE’s CVE initiative have begun to undermine the government’s ability to execute on key cyber mandates, even as the private sector demand for cybersecurity solutions continues to rise. The signal: while long-term demand remains high, near-term federal contracts and implementation cycles are likely to be slower and more unpredictable.
There was no shortage of AI announcements on the floor – but the nature of the discussion has matured.
RSAC 2025 showed that AI in security has crossed the threshold from novelty to necessity. From startups building offensive tools for red teams, like DreadNode, to platforms focused on governance and transparency like PointGuard AI, the conversation is no longer about if we’ll use AI in cybersecurity, but how we’ll use it responsibly. A major headline during the week was Palo Alto Networks’ acquisition of Protect AI, underscoring just how critical the AI supply chain has become.
Whatever your take, the message was clear: AI is not just the latest trend – it’s a transformation. And its most powerful value will come not from isolated tools, but from deeply integrated platforms that can learn, adapt, and act in real time.
One of the most consistent topics raised by CISOs and practitioners alike was platform fatigue vs. platform promise.
Attendees are beginning to differentiate between vendors offering native “true platforms” and those “platformizing” disparate tools. The former offers unified data models, shared policy engines, and integrated user experiences; the latter stitches together acquired products under a loose brand umbrella.
And of course, the pending acquisition of Wiz by Google added fuel to the fire. Some attendees debated whether Wiz’s startup momentum could survive under Google’s stewardship, while others saw it as a strategic move to supercharge Google’s ability to deliver a more comprehensive enterprise security footprint, especially following its 2022 acquisition of Mandiant.
This clarity is starting to drive decision-making. Buyers are looking for platforms that reduce operational complexity, lower costs, and deliver consistent enforcement across environments. They’re asking harder questions about underlying architectures, data interoperability, and total cost of ownership. And they’re expressing frustration with so-called platforms that still require multiple consoles and disjointed workflows.
Another widely discussed trend was the acceleration of firewall refresh cycles. Many enterprises are now reaching the end of life or end of support for NGFW appliances purchased during the early COVID years, and they’re re-evaluating their next investment – not just in terms of products, but architectural direction.
Several security leaders noted being caught off guard by dramatic price hikes in renewal quotes, describing them as “extortionistic.” This frustration is driving renewed interest in vendors offering NGFW functionality as part of broader SASE platforms – particularly those that can offer a mix of physical, virtual, cloud-delivered, and SSE-based enforcement in a consistent, policy-driven way.
While much of RSAC focuses on the enterprise, several sessions and side discussions highlighted the growing risk gap facing small and medium-sized businesses (SMBs). These organizations are increasingly targeted by AI-powered phishing, ransomware, and fraud campaigns – but lack the staff and tools to respond effectively.
There was strong interest in solutions that natively integrate security into the network, offering simple, policy-driven protection without the need for multiple point products or a large security team. In a world of escalating complexity, simplicity at scale is becoming a differentiator – especially for the underserved SMB segment.
For international organizations and multinationals, one of the most talked-about trends was the rise of sovereign SASE infrastructure. With growing concerns over data sovereignty, regulatory compliance, and geopolitical risk – especially in the wake of shifting global alliances – many are seeking network and security architectures that are not dependent on U.S.-based hyperscalers.
This demand is logically particularly strong in Europe, the Middle East, and parts of Asia. Sovereign SASE offerings that enable regional control, local data residency, and national infrastructure partnerships are seeing significant traction, and this trend shows no signs of slowing down.
Interestingly, macroeconomic uncertainty and U.S.-China trade tensions played a smaller role in RSAC conversations I had and presentations I heard than I expected, perhaps because it turns out most major cybersecurity vendors have largely retreated from the Chinese market, and many buyers have already adjusted their supply chains. That said, with ongoing unpredictability in global tariffs and semiconductor access, some procurement leaders expressed caution in large-scale hardware refresh planning – particularly in sectors dependent on secure physical appliances.
Amidst these themes, Versa’s presence at RSAC 2025 stood as a validation of where the industry is going.
While our booth was consistently busy with live presentations, demos, and customer conversations, the real success was how well our message aligned with the market’s direction. Versa’s SASE architecture isn’t just another product – it’s a unified, AI-powered platform that delivers secure networking, NGFW, SSE, ZTNA, and more from a single, tightly integrated system.
Our RSA booth presentation drew interest by addressing the real issues customers are facing:
As customers increasingly seek outcomes, and not logos or laundry lists, Versa’s vision of security built in – not bolted on – is resonating louder than ever.
Want to learn more about Versa’s unified approach to SASE, NGFW, and sovereign security?
Subscribe to the Versa Blog
Gartner Research Report
Trial
ROI
Contact
