Hot Take from RSA: We are So Screwed
RSA: adversarial OpenClaw attacks ramped up by a factor of 10-20X. Most vendors? Selling the same human-in-the-loop AI to make Jira tickets as last year. Here's my podcast on what we actually need to ship to survive the next 5 years.
According to top cybersecurity vendors presenting at RSA, adversarial attacks that use AI, and specifically OpenClaw-based agentic AI cyberattacks, have ramped up by a factor of 10-20X.
And this is only the beginning.
Especially now that we are at war in Iran, several nation-states feel they have very little to lose from attacking US and Israeli government installations and infrastructure, as well as individual corporate entities. They are doing it with no other design than simply to do harm. That means they will spend money and resources on traditional DDoS attacks, but also on any sort of creative poisoning of AI prompts, harming open source projects, and other unconventional methods with the aim of doing harm of any sort.
And what do we have to offer as defense?
I've walked the floor. I saw the presentations. While the CEOs talked the big talk as usual and AI was literally on the tagline of every booth, very little in cybersecurity vendor offerings has advanced in a practical way compared to 12 months ago.
Most products are exactly the same as last year.
You read that right: while we were literally in the explosion of AI in the middle of the hottest deployment era, when adversaries are building up the arsenal of attacks, most vendors have shipped… Nothing.
One of my favorite companies, which I followed for years and whose whole ideas I have copied, ahem, "have been inspired by" lol in many projects, has shipped ZERO functionality in 12 months. Their use case this year is a threat investigation, which gets started by a human who has to click the button. Then AI churns, and about five minutes later, AI returns a verdict. Assuming it's an attack, the human then has to click another button to generate… A Jira ticket. Amazing.
In an era when adversaries use OpenClaw AI agents to do a full scan of the attack surface, locate an unpatched vulnerability, take over your entire system, perform lateral movement in the cloud, exfiltrate data and clear their tracks in just 27 minutes, this type of human-in-the-loop AI process is patently absurd.
Worse still -- this is the exact demo they gave last year! There's literally no change from 12 months ago. And most vendors are in the same boat. Even the top companies are offering a set of Lego bricks: completely disconnected capabilities inside an overwrought and confusing UI and acronym soup of features, all without clear, fast, AI-agent-driven processes solving for specific use cases. No defensive capabilities are turned on by default. AI is often reduced to writing JSON rules, rather than actively iterating and blocking agile, creative, non-deterministic, fully-agentic hacker opponents.
Some of the biggest offerings this year involved blocking or controlling agent access for internal teams, which is very wise, but that's only one line of defense. It is nowhere near the full game.
We will not achieve a secure computing environment solely by regulating OpenClaw access. We need to ship AI-driven agentic cyber defense products as a matter of urgency.
Which is why I'm so proud of what I did in December for Sumo Logic — and their booth was full. It's a 4-agent autonomous SOC investigation platform that gives an AI verdict by the time the customer looks at the alert. I built the POC in six weeks, helped the company harden the system in two months — the whole thing was three months to a beta launch on the big stage at re:Invent. 60→3 min MTTR, with a Forrester-validated 166% ROI.
This is just a start. We need to restructure our cybersecurity enterprises into rapid-shipping machines to combat the growing agentic AI threat.
And the only companies I'm seeing today that are shipping real AI capabilities are startups. One such company I'm consulting is Hackerdogs.ai -- they provide an ongoing view of how adversaries see your company by showing you your attack surface in just 3 clicks. No alerts, just an actionable daily briefing you can use to fix your open vulnerabilities before hackers can exploit them. Your first scan is free: https://hackerdogs.ai/
We need to accelerate AI-driven Agentic cybersecurity product delivery as a matter of urgency, because failing to do so will, in a very real way, affect our very survival. Here's a Pitch Cafe Podcast on how I created the Sumo Logic agentic SOC POC using Snowball Sprint methodology, while avoiding the four horsemen of the apocalypse that spell doom for 85% of AI-driven products: https://www.youtube.com/watch?v=vVmFyKHx-jA
It's a practical, real-world, proven starting point.
