COMMENTARY: SAN FRANCISO – After walking through the halls of RSAC 2025 the past couple of days and talking to cloud cybersecurity leaders here, three takeaways strike me as the most important:First, I saw the confluence of cloud and application security, identity, and the use of AI for SOC efficiency, hot spot concerns for CISOs.Second, there’s a growing consensus that the industry needs to address them as a single problem, not just in point solutions.The third takeaway: the shift to preemptive tools that prevent problems before they happen. This contrasts with last year’s emphasis on context to enable SOC teams to find and respond to incidents faster. Although context and prioritization remain open wounds and a mandate for cloud security, preemptive solutions are better as they close gaps between different functions.[SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Read more Perspectives here.]The importance of the three hot spot concerns was evident in the Verizon DBIR, published in the runup to RSAC. Application security remained at the top of the attack vectors list, accounting for 34% of breaches. As for identities, numerous reports find that 70% of attacks use stolen credentials or NHI API keys. Attackers are logging in, not breaking in.The latest Google Cloud Threat Horizons Report for the first half of 2025 also highlights the most critical emerging threats that organizations must address to protect their cloud environments. The report identifies several vectors that pose significant risks, including service account exploitation, identity-based attacks, cloud database vulnerabilities and diversified attack strategies.And while it does not show in these stats that trail by a year, cybersecurity leaders I talked to at RSAC and many presenters here recognize that AI and Gen AI lower the bar needed to deploy an attack. In a panel at a cyber leaders’ breakfast I attended on Tuesday, Check Point’s new CEO Nadav Zafrir said that with GenAI, attackers are now in Disneyland, echoing this problem.Whether embedded in apps or using AI as a force multiplier for hackers to refine and automate their attacks, people I talked to at RSAC are clearly concerned that AI potentially drives the volume and velocity of attacks higher.All these trends are generally identified separately. In fact, they are comingled as a single broad-stroke trend that represents the new threat landscape.In the past 10 years, cloud has become the preferred way to build, host and run apps. Some of the highest profile attacks, however, have crossed the barrier between apps and the cloud infrastructure they use.Massive multi-layer recent attacks including the MOVEit Transfer breach, the XZ Utils backdoor, a Google Cloud metadata exposure via a web application flaw or compromised identity, Log4j and Log4Shell. All of these all exploit an attack path that caused massive disruptions and shared a common approach—initially compromising all layers of modern cloud applications, application workloads and cloud infrastructures.AI gets used by adversaries, resulting in increased volume and velocity of attacks, thus the main challenge we face is keeping up. As it turns out, there of plenty of tools available.The good news? Applying AI to combat these problems was front and center at RSAC.Applying and maintaining security controls for cloud applications takes months and continuous labor-intensive efforts. Preemptive approaches like purple team testing take months to prepare and months to implement the missing controls. By the time they are completed, the application and its infrastructure have changed so many times the efforts are out of date. This creates an imperative to find better, automated ways to do these exercises.Walking through the exhibit halls at RSA, I saw innovative companies putting AI to work on virtually every one of these problems. AI and AI Agents are perfect to automate the manual, repetitive processes, which are the results of large volumes of alerts, that bog down operations and prevent effective cloud security.And history shows that when our industry focuses on a problem, we win. Companies that want to solve these issues should look for preemptive tools that cover cloud application security, identity and AI.Together we’ll win.Chen Burshan, chief executive officer, Skyhawk SecuritySC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
RSAC, Cloud Security, AI benefits/risks
AI: The silver lining in cloud security
(Adobe Stock)
An In-Depth Guide to Cloud Security
Get essential knowledge and practical strategies to fortify your cloud security.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds