Wrapping RSAC 2026 up with a bow.

CyberWire Daily – “Wrapping RSAC 2026 up with a bow.”
Date: March 26, 2026
Host: Dave Bittner (N2K Networks)
Episode Theme:
A comprehensive wrap-up of the RSA Conference (RSAC) 2026, exploring emerging cybersecurity trends with a spotlight on the pervasive influence of AI, expert analyses on cyber risk, adversarial activities worldwide, latest regulatory actions, and significant industry interviews from the conference floor.

1. Episode Overview

This episode provides a fast-paced, information-rich summary of major cybersecurity news. The main focus is highlights from RSAC 2026 in San Francisco, with insights from leading experts on the advancement of AI in cybersecurity, evolving threats, regulatory shifts, and a series of “man on the street” interviews offering candid perspectives from prominent industry voices.

2. Key Discussion Points & Insights

RSAC 2026 Wrap-Up and AI’s Dominant Role

RSAC 2026 brought together an estimated 43,000 attendees, celebrating collaboration, dynamic discussions, and industry energy (00:48).
AI is the leading theme, with both defensive and adversarial uses rapidly changing the cyber risk landscape.
AI agents can now identify zero-day vulnerabilities and soon may generate most new code, increasing both opportunities and risks for defenders (01:01).
- “AI agents can already identify zero day vulnerabilities in open source software and may soon generate most new code.” – Panel summary (01:01)
Large Language Models (LLMs) enable highly personalized phishing attempts and mass exploitation, though no fundamental cryptographic weaknesses in AI were identified.
Defensive challenges: Faster, automated attacks, less clear threat models, and lagging patch cycles heighten exposure for organizations.

U.S. Cyber Response Thresholds and Cybersecurity Policy

Still no clear definition for what triggers a U.S. military (kinetic) response to cyber attacks:
- Gen. Paul Nakasone: Keeps threshold flexible, rests with president.
- Adm. Mike Rogers: Urges criteria such as loss of life or infrastructure damage (02:15).
Uncertainty complicates cyber deterrence and raises concerns about U.S. falling behind adversaries.

CISA and the Impact of Government Shutdowns

CISA’s Acting Director Nick Anderson reports that with 60% of staff furloughed due to a Homeland Security shutdown, proactive defense and coordination has slowed, leaving gaps adversaries could exploit (03:45).
- "Reduced coordination and delayed directives create openings for adversaries targeting critical infrastructure..." – Nick Anderson (03:58)

Global Threat Reports: China, Iran, and Others

China: Rapid7 reports China-linked actors embedding deep, stealthy backdoors (like BPF Door) in telecom infrastructure, aiming for persistent espionage (05:00).
Iran: “Pay2Key” ransomware resurges with enhanced tactics, including rapid execution (compromising a healthcare provider in 3 hours) and anti-forensics, amid renewed U.S.–Iran tensions (06:18).
India: Nationwide CCTV audit after Pakistan-linked operatives allegedly installed surveillance cameras in sensitive locations, raising national security concerns (07:36).

Data Exposure and Regulatory Response

Florida suspends Mira Health for offshoring Medicare patient data to India and the Philippines without consent, affecting over 23,000 beneficiaries and raising PHI breach risks (08:25).

Product Security and Law Enforcement

Cisco issues patches for iOS and iOS XE vulnerabilities (including Catalyst 9300 switches) to prevent privilege escalation and denial-of-service—no active exploitation found (09:15).
Russian authorities arrest suspected operator of the Leakbase cybercrime forum following coordinated international raids in March (10:04).

3. RSAC “Man on the Street” Interviews (Kevin McGee)

Ann Johnson (Microsoft, Afternoon CyberTea Podcast Host)

AI is “the year’s big thing”—everyone’s discussing AI’s application both to improve cybersecurity and secure AI itself.
Impressed by startups focused on configuration management via AI, not just generalized “AI for everything” pitches.
- “You can use AI to make your configurations better. I said that is cool.” – Ann Johnson (14:22)
Sees AI’s primary use cases in non-human identities, SOC operations, IoT, and speeding up governance, risk, and compliance (GRC).
On industry innovation: Rejects notion of “end of innovation”—argues AI is ushering in a creative renaissance, albeit a bumpy one (15:21).
- “AI is going to drive a bunch of creativity innovation. It’s going to make us better than we are.” – Ann Johnson (15:21)

David Shipley (Beauceron Security)

Focuses on “layer 8”—the human factor—blending neuroscience and psychology with cyber awareness.
Warns against “technological overconfidence”—belief that security tools are perfect leads to 80–140% more phishing clicks.
- “When people believe security tools always protect them...they click on phishing 80 to 140% more.” – David Shipley (17:10)
Notes “optimism bias” (assuming bad things happen to others), increases risk by 30–40%.

Dr. Jessica Barker & “FC” (Noted Authors)

Consensus: RSAC is buzzing about AI, but also wary. Huge marketing noise, little real innovation (18:18–20:03).
Jessica Barker: “If everyone did what their marketing said they did, we would all be out of a job because it’s all solved, apparently...I haven’t seen anything that’s actually impressed me so far this year.” (18:43, 19:31)
FC: Sees both attackers and defenders wielding the same new AI tools—“no longer a cat-and-mouse game.” (20:35)
- “This is the first time in cybersecurity history where both the bad guys and the good guys have the same power, the same tooling at the same time.” – Jessica Barker (20:35)

4. Final Story: Google’s Ambitious Patent (22:40)

Google receives a patent for technology that can dynamically replace a company’s web landing page with an AI-generated alternative tailored to individual users.
Google may use signals like conversion rate and page quality to decide if it should present its own AI-driven version to users—potentially before users see the original site.
Represents a shift in user experience—websites as “raw material for AI assembly,” possibly challenging traditional brand/user interaction (22:40).
- “Websites could shift from destinations to raw material for AI assembly, extending a trend where search features increasingly mediate how users experience brands...” – Dave Bittner (22:50)

5. Notable Quotes & Memorable Moments (with Timestamps)

“AI agents can already identify zero day vulnerabilities...may soon generate most new code.” – RSAC cryptographers panel (01:01)
“No consensus red line emerged. Uncertainty about response thresholds complicates deterrence strategy.” – Host summarizes lack of clear U.S. response threshold (02:25)
“Reduced coordination and delayed directives create openings for adversaries targeting critical infrastructure...” – Nick Anderson, CISA (03:58)
“AI is going to drive a bunch of creativity innovation. It’s going to make us better than we are.” – Ann Johnson (15:21)
“When people believe security tools always protect them...they click on phishing 80 to 140% more.” – David Shipley (17:10)
“If everyone did what their marketing said they did, we would all be out of a job...It’s all solved, apparently.” – Jessica Barker (18:43)
“Both the bad guys and the good guys have the same power, the same tooling at the same time.” – Jessica Barker (20:35)
“Websites could shift from destinations to raw material for AI assembly...” – Dave Bittner (22:50)

6. Useful Timestamps for Key Segments

00:48 – RSAC wrap-up, AI and modern cyber risk
01:01 – RSAC cryptographers panel: AI threat insights
02:15 – U.S. cyber response debate (Nakasone & Rogers)
03:45 – CISA shutdown risks (Nick Anderson testimony)
05:00 – China-linked telecom espionage
06:18 – Iran’s pay-to-key ransomware resurgence
07:36 – India’s nationwide CCTV audit
08:25 – Mira Health’s Medicare data breach, regulatory response
09:15 – Cisco vulnerability disclosures and patches
10:04 – Leakbase forum takedown and arrest
13:44 – Kevin McGee’s “man on the street” (Ann Johnson interview)
16:01 – Interview with David Shipley
17:57 – Interviews with Jessica Barker & FC
22:40 – Google’s patent and visionary shift for landing pages

7. Tone and Language

The episode balances technical detail with clear, engaging summaries and candid, unscripted takes from respected experts. It maintains a brisk, newsroom style, peppered with on-the-ground observations and a touch of humor, particularly in the “man on the street” segments.

8. Conclusion

This episode captures the current pulse of the cybersecurity industry as seen at RSAC 2026: AI dominates conversation and innovation, but with equal parts skepticism and excitement. Human factors remain central even as automated threats grow. Strategic uncertainty—policy, bureaucracy, regulation—continues to shape the threat landscape, and the industry’s future demands both adaptability and clear-eyed optimism.

1. Episode Overview

2. Key Discussion Points & Insights

RSAC 2026 Wrap-Up and AI’s Dominant Role

RSAC 2026 brought together an estimated 43,000 attendees, celebrating collaboration, dynamic discussions, and industry energy (00:48).
AI is the leading theme, with both defensive and adversarial uses rapidly changing the cyber risk landscape.
AI agents can now identify zero-day vulnerabilities and soon may generate most new code, increasing both opportunities and risks for defenders (01:01).
- “AI agents can already identify zero day vulnerabilities in open source software and may soon generate most new code.” – Panel summary (01:01)
Large Language Models (LLMs) enable highly personalized phishing attempts and mass exploitation, though no fundamental cryptographic weaknesses in AI were identified.
Defensive challenges: Faster, automated attacks, less clear threat models, and lagging patch cycles heighten exposure for organizations.

U.S. Cyber Response Thresholds and Cybersecurity Policy

Still no clear definition for what triggers a U.S. military (kinetic) response to cyber attacks:
- Gen. Paul Nakasone: Keeps threshold flexible, rests with president.
- Adm. Mike Rogers: Urges criteria such as loss of life or infrastructure damage (02:15).
Uncertainty complicates cyber deterrence and raises concerns about U.S. falling behind adversaries.

CISA and the Impact of Government Shutdowns

CISA’s Acting Director Nick Anderson reports that with 60% of staff furloughed due to a Homeland Security shutdown, proactive defense and coordination has slowed, leaving gaps adversaries could exploit (03:45).
- "Reduced coordination and delayed directives create openings for adversaries targeting critical infrastructure..." – Nick Anderson (03:58)

Global Threat Reports: China, Iran, and Others

China: Rapid7 reports China-linked actors embedding deep, stealthy backdoors (like BPF Door) in telecom infrastructure, aiming for persistent espionage (05:00).
Iran: “Pay2Key” ransomware resurges with enhanced tactics, including rapid execution (compromising a healthcare provider in 3 hours) and anti-forensics, amid renewed U.S.–Iran tensions (06:18).
India: Nationwide CCTV audit after Pakistan-linked operatives allegedly installed surveillance cameras in sensitive locations, raising national security concerns (07:36).

Data Exposure and Regulatory Response

Florida suspends Mira Health for offshoring Medicare patient data to India and the Philippines without consent, affecting over 23,000 beneficiaries and raising PHI breach risks (08:25).

Product Security and Law Enforcement

Cisco issues patches for iOS and iOS XE vulnerabilities (including Catalyst 9300 switches) to prevent privilege escalation and denial-of-service—no active exploitation found (09:15).
Russian authorities arrest suspected operator of the Leakbase cybercrime forum following coordinated international raids in March (10:04).

3. RSAC “Man on the Street” Interviews (Kevin McGee)

Ann Johnson (Microsoft, Afternoon CyberTea Podcast Host)

AI is “the year’s big thing”—everyone’s discussing AI’s application both to improve cybersecurity and secure AI itself.
Impressed by startups focused on configuration management via AI, not just generalized “AI for everything” pitches.
- “You can use AI to make your configurations better. I said that is cool.” – Ann Johnson (14:22)
Sees AI’s primary use cases in non-human identities, SOC operations, IoT, and speeding up governance, risk, and compliance (GRC).
On industry innovation: Rejects notion of “end of innovation”—argues AI is ushering in a creative renaissance, albeit a bumpy one (15:21).
- “AI is going to drive a bunch of creativity innovation. It’s going to make us better than we are.” – Ann Johnson (15:21)

David Shipley (Beauceron Security)

Focuses on “layer 8”—the human factor—blending neuroscience and psychology with cyber awareness.
Warns against “technological overconfidence”—belief that security tools are perfect leads to 80–140% more phishing clicks.
- “When people believe security tools always protect them...they click on phishing 80 to 140% more.” – David Shipley (17:10)
Notes “optimism bias” (assuming bad things happen to others), increases risk by 30–40%.

Dr. Jessica Barker & “FC” (Noted Authors)

Consensus: RSAC is buzzing about AI, but also wary. Huge marketing noise, little real innovation (18:18–20:03).
Jessica Barker: “If everyone did what their marketing said they did, we would all be out of a job because it’s all solved, apparently...I haven’t seen anything that’s actually impressed me so far this year.” (18:43, 19:31)
FC: Sees both attackers and defenders wielding the same new AI tools—“no longer a cat-and-mouse game.” (20:35)
- “This is the first time in cybersecurity history where both the bad guys and the good guys have the same power, the same tooling at the same time.” – Jessica Barker (20:35)

4. Final Story: Google’s Ambitious Patent (22:40)

Google receives a patent for technology that can dynamically replace a company’s web landing page with an AI-generated alternative tailored to individual users.
Google may use signals like conversion rate and page quality to decide if it should present its own AI-driven version to users—potentially before users see the original site.
Represents a shift in user experience—websites as “raw material for AI assembly,” possibly challenging traditional brand/user interaction (22:40).
- “Websites could shift from destinations to raw material for AI assembly, extending a trend where search features increasingly mediate how users experience brands...” – Dave Bittner (22:50)

5. Notable Quotes & Memorable Moments (with Timestamps)

“AI agents can already identify zero day vulnerabilities...may soon generate most new code.” – RSAC cryptographers panel (01:01)
“No consensus red line emerged. Uncertainty about response thresholds complicates deterrence strategy.” – Host summarizes lack of clear U.S. response threshold (02:25)
“Reduced coordination and delayed directives create openings for adversaries targeting critical infrastructure...” – Nick Anderson, CISA (03:58)
“AI is going to drive a bunch of creativity innovation. It’s going to make us better than we are.” – Ann Johnson (15:21)
“When people believe security tools always protect them...they click on phishing 80 to 140% more.” – David Shipley (17:10)
“If everyone did what their marketing said they did, we would all be out of a job...It’s all solved, apparently.” – Jessica Barker (18:43)
“Both the bad guys and the good guys have the same power, the same tooling at the same time.” – Jessica Barker (20:35)
“Websites could shift from destinations to raw material for AI assembly...” – Dave Bittner (22:50)

6. Useful Timestamps for Key Segments

00:48 – RSAC wrap-up, AI and modern cyber risk
01:01 – RSAC cryptographers panel: AI threat insights
02:15 – U.S. cyber response debate (Nakasone & Rogers)
03:45 – CISA shutdown risks (Nick Anderson testimony)
05:00 – China-linked telecom espionage
06:18 – Iran’s pay-to-key ransomware resurgence
07:36 – India’s nationwide CCTV audit
08:25 – Mira Health’s Medicare data breach, regulatory response
09:15 – Cisco vulnerability disclosures and patches
10:04 – Leakbase forum takedown and arrest
13:44 – Kevin McGee’s “man on the street” (Ann Johnson interview)
16:01 – Interview with David Shipley
17:57 – Interviews with Jessica Barker & FC
22:40 – Google’s patent and visionary shift for landing pages

wavePod

Summary

1. Episode Overview

2. Key Discussion Points & Insights

RSAC 2026 Wrap-Up and AI’s Dominant Role

U.S. Cyber Response Thresholds and Cybersecurity Policy

CISA and the Impact of Government Shutdowns

Global Threat Reports: China, Iran, and Others

Data Exposure and Regulatory Response

Product Security and Law Enforcement

3. RSAC “Man on the Street” Interviews (Kevin McGee)

Ann Johnson (Microsoft, Afternoon CyberTea Podcast Host)

David Shipley (Beauceron Security)

Dr. Jessica Barker & “FC” (Noted Authors)

4. Final Story: Google’s Ambitious Patent (22:40)

5. Notable Quotes & Memorable Moments (with Timestamps)

6. Useful Timestamps for Key Segments

7. Tone and Language

8. Conclusion

Summary

1. Episode Overview

2. Key Discussion Points & Insights

RSAC 2026 Wrap-Up and AI’s Dominant Role

U.S. Cyber Response Thresholds and Cybersecurity Policy

CISA and the Impact of Government Shutdowns

Global Threat Reports: China, Iran, and Others

Data Exposure and Regulatory Response

Product Security and Law Enforcement

3. RSAC “Man on the Street” Interviews (Kevin McGee)

Ann Johnson (Microsoft, Afternoon CyberTea Podcast Host)

David Shipley (Beauceron Security)

Dr. Jessica Barker & “FC” (Noted Authors)

4. Final Story: Google’s Ambitious Patent (22:40)

5. Notable Quotes & Memorable Moments (with Timestamps)

6. Useful Timestamps for Key Segments

7. Tone and Language

8. Conclusion