Summary5 min read

Podcast Summary: Data Security Decoded

Episode: AI Takes Over RSAC Conference (Now What?) with Dave Bittner
Host: Caleb Tolan (Rubrik)
Guest: Dave Bittner (N2K, CyberWire Daily)
Release Date: March 31, 2026

Episode Overview

In this episode, host Caleb Tolan talks with cybersecurity journalist and industry veteran Dave Bittner, fresh from the RSA Conference (RSAC). The conversation dives deep into the 2026 event’s prevailing theme: the rise and risks of agentic AI in data security. Together, they explore the energy and concerns at RSAC, new challenges for defenders, AI-driven identity threats, AI governance, the “machine speed” arms race, and the emergence of “shadow AI.” The episode provides key takeaways for security leaders grappling with integrating AI securely in their organizations.

Key Discussion Points and Insights

The Atmosphere and Energy at RSAC 2026

Increased Optimism and Buzz: Dave noted a renewed energy, with a pragmatic, forward-looking vibe from attendees despite uncertainty globally and in the tech sector ([02:13]–[03:30]).
- “Overall I felt like people were positive and had an optimistic outlook... It was upbeat, wonderful.” — Dave Bittner [02:13]

AI Dominates, Especially “Agentic AI”

Ubiquity of AI: AI was everywhere at the conference, not only in presentations but on billboards, buses, and general branding ([03:30]–[04:05]).
Agentic AI as Norm: The notion of “agentic AI”—AI agents empowered to act on users’ behalf—was viewed as a given, shifting conversations to safety and guardrails ([04:05]–[05:36]).
- “The notion of agentic AI was kind of accepted as a given... This is where we're going.” — Dave Bittner [04:05]

The Identity Challenge in an AI-Driven Landscape

Identity at the Center: With AI agents acting autonomously, identity protection has become a critical attack vector and defense priority ([05:36]).
Classic Attack Vectors Reframed: The oft-quoted adage—“attackers aren't hacking in anymore, they're logging in”—is evolving as AI becomes intertwined with identity ([05:36]–[06:24]).
- “AI is being treated like a new landscape of identity.” — Caleb Tolan [05:36]

AI Guardrails, Governance, and Zero Trust

Guardrails Are Paramount: Vendors and practitioners focused on practical solutions for governance, from constraining agent behavior to ensuring robust oversight ([05:36]–[06:24]).
AI Prone to Manipulation: Dave recounted real-world cases of AI agents being “tricked” or manipulated (e.g., a chatbot at a dealership agreeing to sell a truck for a dollar) ([06:24]–[08:05]).
- “People are worried about things spinning out of control really quickly and clever crooks being able to take advantage of the AI agents' desire to please.” — Dave Bittner [06:56]

The Speed Dilemma: Machine vs. Human

Machine-Speed Threats: Intelligence and research professionals are concerned about the sheer velocity (“machine speed”) of AI-driven attacks. Defenders must adopt AI themselves to keep up ([08:31]–[09:32]).
- “There's a lot of concern about the analysts being able to do their work at a speed that keeps up with the velocity of the AI agents.” — Dave Bittner [08:31]
Humans Stay in the Loop: Despite acceleration, there was consensus that AI should not have the final word; human oversight remains essential ([09:32]).

Prompt Injection & Novel Attack Vectors

Prompt Injection Risks: Researchers discussed how threat actors use techniques like prompt injection to influence LLMs or AI agents, similar to malware injection but with natural language ([09:32]).

Alignment: AI Rollout is Inevitable

AI Adoption is a Fact: The consensus among security leaders and practitioners was that AI deployment in enterprise is now unavoidable. The focus must move from “if” to “how” it is controlled ([10:08]–[11:44]).
- “We're past the point where people are accepting that these tools are inevitable. It is happening, get on board.” — Dave Bittner [10:08]
Containment, Not Prevention: The focus is on limiting damage if (not when) things go wrong—evoked by the phrase “limit the blast radius” ([10:08]).
- “Limit the blast radius, which is a bit foreboding... So the blast is gonna happen, but we just need to limit how many things get blown up in the process.” — Dave Bittner [10:41]

Shadow AI: The New Shadow IT

Emergence of "Shadow AI": Just as “shadow IT” described employees circumventing controls with unsanctioned apps, “shadow AI” now describes employees bringing AI tools into workflows—with or without approval ([12:26]–[13:21]).
- “Now, in addition to [shadow IT], we have shadow AI... These tools are too powerful, too alluring for them not to use them.” — Dave Bittner [12:26], [12:56]
Embrace, Don't Block: Organizations are advised to guide and monitor internal AI use, rather than simply prohibit it, to maintain oversight and security ([12:56]).

Notable Quotes & Memorable Moments

| Timestamp | Speaker | Quote | |-----------|----------------|------------------------------------------------------------| | 00:10 | Dave Bittner | “There's a lot of excitement, but there's a lot of fear as well. Both are justifiable and well placed.” | | 04:05 | Dave Bittner | “The notion of agentic AI was kind of accepted as a given... This is where we're going.” | | 06:56 | Dave Bittner | “People are worried about things spinning out of control really quickly and clever crooks being able to take advantage of the AI agents' desire to please.” | | 08:31 | Dave Bittner | “There's a lot of concern about the analysts being able to do their work at a speed that keeps up with the velocity of the AI agents.” | | 10:08 | Dave Bittner | “We're past the point where people are accepting that these tools are inevitable. It is happening, get on board.” | | 10:41 | Dave Bittner | “Limit the blast radius, which is a bit foreboding... So the blast is gonna happen, but we just need to limit how many things get blown up in the process.” | | 12:26 | Dave Bittner | “Now, in addition to [shadow IT], we have shadow AI... These tools are too powerful, too alluring for them not to use them.” | | 12:56 | Dave Bittner | “Better to have them doing it where you can keep an eye on it... Protect the important things of your org... Because if you try to shut it down, these tools are too powerful, too alluring for them not to use them.” |

Timestamps for Key Segments

[02:13] RSAC 2026 atmosphere and energy
[04:05] The inevitability and acceptance of agentic AI
[05:36] Identity and AI: new security frontiers
[06:24] AI governance, guardrails, and real-world vulnerabilities
[08:31] The speed challenge: defenders vs. attackers
[10:08] AI as a fait accompli: Focus on safe integration
[12:26] Shadow AI and the need for collaborative governance

Conclusion

This episode offers a candid look inside RSAC 2026, where the conversation around AI security has shifted from speculative to pragmatic. AI—as both a tool and a threat—is now an inescapable part of the cybersecurity landscape. The industry’s urgent challenge is to establish governance and control around agentic AI, manage identity risks, and keep up with the pace of machine-speed threats. Leaders are encouraged to embrace, not resist, AI usage—with oversight and collaboration—echoed by the new mantra: “limit the blast radius.” As AI reshapes enterprise security, ongoing vigilance and adaptation are essential.

Loading summary

Transcript26 lines

[00:02]
A
You're listening to the Cyberwire Network, powered by N2K.
[00:10]
B
It's a new frontier. There's a lot of excitement, but there's a lot of fear as well. And I think both the excitement and the fear are justifiable and well placed.
[00:30]
A
Hello, and welcome to another episode of Data Security Decoded. I'm your host, Caleb Tolan, and if this is your first time joining us, welcome to the show. Make sure you hit that subscribe button so you're notified when we drop new episodes and if you are already a subscriber. Thanks for coming back and spending more time with us. I'd love it if you gave us a rating or a review on Apple Podcasts or Spotify. Your feedback really helps me understand what you want to learn more about, and it helps us reach more audience members just like you. Now, today I had the pleasure of sitting down with the legendary Dave Bittner. Yes. The Host of the N2K CyberWire, CyberWire Daily. We were just recapping the conversations that he was having at RSA Conference, which just wrapped last week. And it was a really interesting conversation about some of the themes. I'm sure you can, as you can imagine, there was a lot about AI. And, you know, it's really exciting to see what some of the businesses are doing in terms of deploying AgentIC AI throughout the business and the different solutions that are out there. So without further ado, get into it. All right, Dave, welcome to Data Security Decoded. You're in a very different position than you normally are. Usually you're on my side of things, and now you get to get to play victim here and be the interviewee.
[01:41]
B
I'm not sure how to behave myself.
[01:44]
A
I know, I know. I'm sure you're. You'll. It'll, it'll be like riding a bike, but I don't know, riding a motorcycle or something. I don't know what the excellent is having me.
[01:52]
B
Yeah, yeah. Good to be here.
[01:53]
A
Absolutely. Absolutely. Well, to kick things off, we're here to chat about RSA and what, what the recap was from the event. So you've been to many RSAs. You even had a cool pin that you pointed out to me. It means you get it after like 7 or 9 RSAs, something like that. So you've been to many in the past. How, what felt different about this year compared to years past?
[02:14]
B
I thought it was a really good RSA conference. I thought the energy was up and I didn't know what to expect coming into this year's conference. Because I think obviously there are a lot of things going on around the world. There's a lot of uncertainty when it comes to not just global events, but within the industry itself, people not knowing how is all this AI stuff going to shake out, how are jobs going to shake out, is AI going to take my job, all those sorts of things. But overall I felt like people were positive and had an optimistic outlook. So I thought the event was very well run, as it usually is. They've got it down. It's not an inexpensive conference to run nor attend. So the folks who are running it I think do a great job and that shows things are on time and, and well done, well organized. Well, the signage is good, all, all that sort of stuff. Getting your badge is quick and easy. So I was impressed. I, I had a, a good time, a lot of good conversations and overall I felt like it was upbeat, wonderful.
[03:31]
A
Well, I want to kind of click into that conversation you just, or the, what you just mentioned about the conversations you had. So, I mean, anyone who is around San Francisco, the week of rsa, AI was plastered everywhere. It was on every billboard, every bus, every place that you think there shouldn't be a sign, but somehow there still was a sign. Right. And you spoke with many of the leaders who were leading these companies or introducing these, these softwares and solutions into the market. So after speaking with some of them, what were you most excited to hear about in terms of AI for the Defender?
[04:05]
B
Well, I think to your point, yes, absolutely. AI was the hot topic. And I think that surprised no one. I think going into it, we all knew that was going to be the hot topic and not just AI, but agentic AI. So this idea of turning over control of your system to an AI agent that can do things on your behalf. I think what was interesting to me in the conversations I had with leaders was that the notion of agentic AI was kind of accepted as a given that this is where we're going, this is likely going to happen, or at the very least we're going to try it. And so I think the conversations were more about how do we put proper guardrails on that. If this is going to happen and we think it is, how do we make sure that we can do this in a way that's safe and secure? And lots of talk of identity, of respecting people's identity and ensuring people's identity, protecting it, making sure that the agentic AIs respect the guardrails that are put upon them. So I guess that was the surprise to me. Or the clarification to me, I knew we were going to be talking about agentic AI, but I didn't expect so much of the conversation to be about how to put guardrails on it and what the future integration might look like.
[05:36]
A
Right, and what you brought up there about identities, too, is pretty interesting because obviously we hear a lot from identity vendors at conferences like RSA about, you know, it's the number one threat vector. It's how every attacker is getting into systems. Not every that's, you know, overarching, but it's. It's how. It's the classic saying, attackers aren't hacking in anymore, they're logging in. And with AI, it's being treated like a new landscape of identity. So the integration there is something that organizations are going to have to figure out how they address that. And then on top of that, it's very interesting that most companies were talking about guardrails and governance of their AI agents. Was there anything that stood out in particular on that topic of AI governance specifically?
[06:25]
B
Well, again, the identity thing was front and center. I think people worried about things like lateral movement. I think people are concerned about things like being able to fool the agents into doing things that you don't want them to do. You know, there was a case, I know it's probably been a year ago now, where somebody convinced a chat agent at a car dealership to sell them a truck for a dollar. You know, lucky them.
[06:55]
A
How can I replicate that?
[06:57]
B
Well, but the thing was, it wasn't that they just said, hey, will you sell me a truck for a dollar? They said, are you authorized to negotiate on the company's behalf? And the AI agent said, yes. And the person said, you know, something like, so our chat is legally binding. And the chat said, yes, and then said, all right, I want you to sell me a truck for a dollar. And the AI agent said, okay. Now, ultimately, that didn't play through. Cooler heads prevailed. And, you know, a judge wasn't going to allow that to go through, but it was representative of the kinds of things that I think people are worried about, of things spinning out of control really quickly and clever crooks being able to take advantage of the AI agents desire to please and do whatever is asked of it. So that seems to be to me to be the focus of how to integrate this into things like zero trust and, you know, again, putting guardrails on what we allow these things to do it. It's a new frontier. There's a lot of excitement, but there's a lot of Fear as well. And I think both the excitement and the fear are justifiable and well placed.
[08:05]
A
Interesting. Yep, absolutely. And so outside of the conversations you had with the security vendor leaders, you also spoke with a lot of what I imagine are the intelligence leaders in different capacities and the researchers that were at rsa. So outside of what the enterprises were talking about, what were those threat intelligence analysts really talking a lot about in your conversations with them?
[08:31]
B
I think, I guess the thing that would, that would stand out is a lot of conversation about velocity, that things are happening. It's referred to as machine speed rather than human speed. So there's a lot of concern about the analysts being able to do their work at a speed that keeps up with the velocity of the AI agents. So again, this means that they're going to be using the AI systems as an assistant to empower what they're doing, to accelerate what they're doing and help them. They all understand that. I think the AI should not and will not have the final word, but I think they also think that it's going to be a necessity that they're not going to be able to do the work that they need to do at the speed at which they need to do it without using these tools, because their adversaries are absolutely going to be using these tools.
[09:32]
A
Absolutely, totally understand where these, where these intelligence folks are coming from. It's prompt injection, I know, is another big topic that a lot of them were talking about as well, and just how adversaries are kind of taking a new approach to injecting malware into code. They can do kind of a similar thing with natural language into LLMs and your AI agents and how you set those up up so very, very much. AI was the topic front and center at rsa. I have a feeling I already know what the answer to my next question is going to be from you, but what was your biggest takeaway from the event overall at the highest level?
[10:09]
B
Well, again, I think the biggest takeaway is that we're past the point where people are accepting that these tools are inevitable. It is happening, get on board. There's no, there's no not doing it for better, for worse. And so given that reality, both technologically and just business wise, that shifts the burden onto trying to do this safely. And so I think that was the biggest takeaway for me is that we're past the conversation of whether or not this is going to happen. It's going to happen. It's now it's just a matter of containing it. Phrases I heard A lot was limit the blast radius, which is a bit foreboding. Right. That's the attitude that we're gonna. So the blast is gonna happen, but we just need to limit how many things get blown up in the process. So I think there's. People are, despite things, moving ahead, full speed ahead with the AI, people are kind of leaning back and saying, okay, you know, it's kind of like when you're on that first lift hill on a roller coaster at an amusement park and they say, please hold on to the bar. And you hear the clicking sound as you're going up the hill right before you go down. The first thing, people have that, that feeling of anticipation, a little bit anxiety, like, I signed up for this. There's no getting off now. So we're just going to hold on and enjoy the ride.
[11:45]
A
Right, right. With this push of agentic AI, I think that many businesses are starting to kind of crystallize and realize what AI deployment in their environments actually can look like. Rewind. Like two, three years ago, we were all talking about the same thing, but we hadn't. It was so theoretical in concept. Nobody had the idea of like, how is this actually going to manifest in the enterprise right now? And I think we're getting a lot more just clear, a lot of clarity on the vision of where, where that's headed. But those guardrails are very important, like you talked about. So excited to see how those develop even into the next year. And maybe next year we can do another recap and see how. How AI agents are shaping up the. The rest of the world too.
[12:27]
B
I. I think another thing to note, Caleb, is another point of concern is that we've shifted from this idea of shadow it. Now, in addition to that, we have shadow AI. Right. Where your employees are using AI to help with their jobs. If you tell them not to, they're still going to do it on their personal devices.
[12:54]
A
That may make them want to do it even more.
[12:56]
B
Right, right. So better to have them doing it where you can keep an eye on it. Put those guardrails in, protect the important things of your organ. Do it in a collaborative way with your employees where everybody's on the same page. Because if you try to shut it down, these tools are too powerful, too alluring for them not to use them.
[13:22]
A
Right. It's really interesting because, I mean, AI is a newer concept for these enterprise businesses, but the way that the security community is addressing it is almost similar to any other new technology phenomenon. It's all about observability, governance, These are all terms that we've heard for years and years. It's just we're applying it to a new, new type of software and new type of technology. So yeah, it's very interesting. We'll see how it shakes out over the next year.
[13:52]
B
But Dave, thank you so much. Yeah, absolutely. No, it's my pleasure. Thanks for having me, Caleb. Always, always good to talk with you. Foreign.
[14:08]
A
That's a wrap on today's episode of Data Security Decoded. If you like what you heard today, please subscribe wherever you listen and leave us a review on either Apple Podcasts or Spotify. Your feedback really helps me understand what you want to hear more about. And if you want to email us directly about the show, shoot us an email at data-security-decoded2k.com thank you to Rubrik for sponsoring this podcast. The team at N2K includes senior producer Liz Stokes and executive producer Jennifer Ibing. Content strategy by Mayan Plout Sound designed by Elliot Peltzman Audio mixing by Elliot Peltzman and Trey Hester Video production support by Bridget Kirkey Wilde and Sorel Joppy. Until next time, stay resilient.
[14:53]
B
Sam.