The race to become the next CrowdStrike or Wiz in AI security is playing out this week at the RSAC Conference, the cybersecurity industry's largest gathering.

Why it matters: A wave of AI-native upstarts in the cybersecurity space is piling pressure on incumbents to adapt through acquisitions and by building new capabilities

• "These vendors are very aware now that they need to adapt because if they don't, these smaller, AI-native companies have a very unique window where they can really penetrate the market," Dimitri Zabelin, a senior investment research analyst at PitchBook, told Axios.

The big picture: Wiz and CrowdStrike became breakout cybersecurity players by quickly owning emerging technology shifts — cloud for Wiz and endpoint detection for CrowdStrike.

• Now, cybersecurity CEOs say they're feeling pressure to keep up and are arriving at RSAC looking for acquisition targets and ideas to build internally.

Driving the news: Customers will spend the week at RSAC comparing notes on which vendors are best at defending against the AI-driven threats they're already facing, Hugh Thompson, executive chairman of RSAC, told Axios.

• "You're going to see a lot of these companies have to respond at a speed that they really haven't had [to before]," he added.

Threat level: Legacy vendors and emerging startups are up against a fast-changing landscape.

• Some customers are building AI-powered security operations centers in-house instead of outsourcing to vendors.
• Others are shifting portions of their cybersecurity spending to smaller, AI-focused vendors.
• At the same time, Anthropic and OpenAI are exploring agentic cybersecurity products built on top of their existing code security platforms.

By the numbers: In the last quarter of 2025, deals involving security orchestration, automation and response (SOAR) — or tools that identify and respond to threats like phishing and data exfiltration — grew 76.5%, according to PitchBook.

• In 2025, half of all cybersecurity deals involved AI-native startups, per PitchBook.

Zoom in: Rubrik CEO Bipul Sinha told Axios the cybersecurity market "as we know it is dead." The most successful vendors will be those that reimagine their products as AI-native, not just AI-enhanced, he said.

• Earlier this year, Rubrik made its Agent Cloud generally available, offering tools to manage and control AI agents on systems.
• "If the company has culture of change, adaptability, innovation — that's the company that will survive," Sinha said.

Reality check: While some legacy vendors are adapting, others are failing to grasp the shift, including its implications for the workforce, analysts told Axios.

• "There is still a lot of head in the sand for the reality of the situation and a lot of marketing as well," Jeff Pollard, vice president and principal analyst at Forrester, told Axios.
• Many large companies are unlikely to quickly abandon long-standing security vendors in favor of early-stage AI startups.

What to watch: The list of winners from RSAC's Innovation Sandbox, the conference's flagship startup pitch competition, as a signal for where market demand is heading.

In Northern California wine country the weekend before RSAC, roughly 80 top cybersecurity CEOs, chief information security officers and former government officials convene at the intimate Cyber Council gathering to game out the next two to three years for the industry.

• For the first time, they allowed a reporter into this space.

Why it matters: The predictions made in these wine country gatherings have a frighteningly good track record of coming true, organizers told Axios.

Case in point: In 2023, a presenter demoed how deepfake technology could be used to trick an employee into wiring millions of dollars to someone impersonating their CFO.

• Eight months later, that happened in Hong Kong.

What they're saying: "One of the things we wanted to do was to make this like the Davos of cybersecurity," Greg Clark, managing partner at Crosspoint Capital and one of the organizers of Cyber Council, told Axios.

• "In two or three years, these are going to be on your desk," he added. "When you come here, you're leaving with benefit."

Between the lines: Cyber Council challenges participants to look beyond daily threats and think about broader technological innovations on the horizon.

• 🤫 I wasn't allowed at most of the sessions, which are held under Chatham House rules to allow for free-flowing conversations.
• 🔮 But organizers shared the topics discussed and why they matter for the future of cybersecurity.

Neural processing

The potential of neural chip implants is understandably a bit freaky to many. But once the technology is more capable, it will likely unlock more than just brain power — it will also offer a faster way to run AI technologies than current chip technologies allow.

• "If it works, it will train a lot faster than our best GPUs can," Clark said. "When it shows up in volume and people can actually reliably produce it, it can really take the heat off of the power supply problems and the actual speed of training things."

Gene editing

Another session focused on the potential for genetic editing, including some of the wilder applications being discussed today — and their potential for curing diseases like cancer.

• Yes, but: Once this technology is widely available, privacy concerns will follow, Clark said.

Quantum

The significance of quantum goes beyond just the fear of quantum computers being able to decrypt encrypted materials — although that was also top of mind over the weekend.

• One expert detailed the ways that quantum can allow for communications between two entities, located across the world, without a radio frequency or cable.

Jen Easterly, former director of the Cybersecurity and Infrastructure Security Agency and the new CEO of RSAC, told Axios before this year's conference that she's looking forward to welcoming back the Trump administration to the conference in future years.

Why it matters: In a rare move, the Trump administration, including Easterly's former agency, pulled its attendance from this year's conference.

Catch up quick: RSAC named Easterly its CEO in January. Shortly after, a CISA spokesperson said the agency would no longer be attending the event "to ensure maximum impact and good stewardship of taxpayer dollars."

• Last year, Trump ally Laura Loomer publicly criticized the U.S. Military Academy at West Point's decision to offer Easterly a teaching job — which was ultimately rescinded.

What they're saying: "I'm excited about, in the coming years, of welcoming back the federal government, because at the end of the day the federal government plays a really important role in helping us to protect global cyberspace," Easterly told Axios at Cyber Council.

• "You have to be in the room to build that trust," she added. "If you don't have that trust, everything else falls apart."

Between the lines: Early estimates suggest that upward of 44,000 attendees are heading to RSAC, Easterly said, and most veteran attendees know that some of the biggest value comes from that convening power.

What to watch: Whether some current government officials will be spotted at unofficial meetings in San Francisco this week.

Iranian government-linked hackers hit a U.S. medical institution with ransomware in late February, right around when the war in Iran began, according to research released this morning.

Why it matters: This is the second known attack on an American health care organization since tensions between the U.S., Israel and Iran began this year.

Zoom in: Pay2Key, a ransomware gang that's been operating since 2020, appears to have used a compromised administrator's account to gain access to the organization.

• Once inside, the hackers waited several days before deploying malware, which took only three hours to deploy and encrypt the files on the environment.
• Incident responders at Beazley Security responded to the attack in late February and called in researchers at Halcyon to help study the malware.

Yes, but: No data was actually exfiltrated during this attack and the gang didn't make a ransom demand, according to the report.

The big picture: The Iranian government is known to use its own cyber capabilities, including those belonging to unofficial proxy groups, as a means to retaliate to kinetic warfare.

Driving the news: Last week, the FBI accused Iranian intelligence of running a pro-Iran hacktivist group that targeted U.S. medical device company Stryker.

• The FBI also warned on Friday that Iran-linked hackers were using Telegram to push malware against dissidents, journalists and other opposition groups.

What to watch: President Trump and Iranian leaders have continued to threaten attacks on each other's infrastructure amid reports of potential peace talks.

@ D.C.

🏛️ The Senate confirmed Sen. Markwayne Mullin (R-Okla.) to be the next secretary of Homeland Security. (Axios)

📍 FBI Director Kash Patel confirmed during a Senate hearing that the bureau purchases information from third-party data brokers to track people's movement and location history. (Politico)

@ Industry

🦀 During its annual developers conference, Nvidia unveiled NemoClaw, an enterprise wrapper for OpenClaw that brings security controls to the open-source agentic software. (VentureBeat)

💰 Six major technology companies granted the Linux Foundation $12.5 million for a new initiative to help open-source software maintainers grapple with AI slop reports. (The Register)

💸 Xbow, a major AI penetration testing startup, is now valued at $1 billion. (Bloomberg)

@ Hackers and hacks

🏥 Some patients' procedures have now been delayed due to the cyberattack on Stryker. (Bloomberg)

📲 New research suggests that iPhone spyware is now far more pervasive, making it a problem for more than just government officials, human rights activists and journalists. (Axios)

🦾 Tenzai, an Israeli AI security startup founded in 2025, says its AI hacker performed better than 99% of the human competitors it was up against in six capture-the-flag hacking competitions. (Forbes)

👏🏻 Thank you to everyone who turned out to our RSAC event last night in San Francisco!

• ✨ It was standing room only on the first night of this week's show. What a dream!