Focusing on the People in Cybersecurity at RSAC 2026 Conference

CYBERSECURITY OPERATIONS CYBERSECURITY CAREERS CYBER RISK COMMENTARY Focusing on the People in Cybersecurity at RSAC 2026 Conference AI dominated the RSAC 2026 Conference and showed it's still humans in cybersecurity who matter most. Melinda Marks,Practice Director, Cybersecurity,ESG April 7, 2026 6 Min Read SOURCE: ANDRIY POPOV VIA ALAMY STOCK PHOTO COMMENTARY While our world today is obsessed with AI adoption, the humans in cybersecurity are more important than ever.  Cybersecurity professionals are in demand, as security is a top challenge and concern for new technology adoption. As a leading cybersecurity event bringing together global experts and vendors, this year's RSAC 2026 Conference focused on the power of community, helping cybersecurity professionals share ideas, network, and learn about the latest solutions to set them up for success in their roles. This is an exciting time, as security teams have the opportunity to ensure secure adoption of key technologies that will fuel increased productivity and business growth. Although our skills are specialized, part of our value depends on our ability to constantly adapt and arm ourselves with knowledge and tools to ensure we stay ahead of the rapidly evolving threat landscape. As attackers can also leverage new technologies to scale their attacks, we need to ensure we keep the advantage on the defender's side.  Related:RSAC 2026: How AI Is Reshaping Cybersecurity Faster Than Ever We like to plan our cybersecurity strategies in terms of people, processes, and technology, and, of course, many sessions helped in areas of processes and technology. However, while we're turning to machines to solve many of our challenges in automation, let's not lose sight of the people in this equation who are crucial to keeping the advantage on the defenders' side.  Key Sessions Focusing on People and Talent During this year's conference, I had the honor of presenting along with Dr. Shawn Murray, Information Systems Security Association (ISSA) AIM committee co-chair and past president, in the session Thriving in the New Reality: Inside Today's Cybersecurity Profession. We unveiled some of the results of our latest study with ISSA members: the 8th volume of the study on the life and times of cybersecurity professionals. Some interesting stats we unveiled: Only 28% are very satisfied in their current roles. 68% find cybersecurity more difficult than it was two years ago. Top challenges include increasing cybersecurity complexity and workloads, increasing threats from a rapidly growing attack surface, and budget pressures. Job stress is also higher than past years, with 62% finding their jobs stressful more than half of the time. Cybersecurity skills are in demand, and the new highest skills gap is in AI security strategy.  We also revealed some key trends related to AI: Most (81%) believe AI drastically increases challenges for cybersecurity as attackers will leverage it to scale attacks. Most (80%) believe cybersecurity teams will need to leverage AI in their solutions to stay ahead of attackers. Nearly three-quarters (72%) believe agentic AI will be a game changer helping their teams keep pace with attacks and become more efficient. Related:Human vs AI: Debates Shape RSAC 2026 Cybersecurity Trends So this is an exciting time for cybersecurity professionals, but we will need to evolve our skills and workforce to play a key role in secure adoption of AI. Another session, AI, Regulation, & the Battle for Talent: The Future of the Cyber Workforce with Rob T. Lee, CAIO and chief of research, SANS Institute, and James Lyne, CEO, SANS Institute, addressed this. The session highlighted results of their new research on the evolving cyber workforce, highlighting the impacts of AI on cybersecurity teams, and how cybersecurity teams are adjusting, redefining their structures and roles. For example, the use of AI may impact junior level roles in the SOC, but it is also creating new roles with specialized skill sets. The Role of Humans in AI Adoption Security has always been about having full visibility and utilizing contextual information to optimize remediation to mitigate risk or respond quickly to threats or attacks. AI brings many advantages to security, as it can synthesize and analyze data from multiple sources, and even make intelligent decisions and take actions.  Related:Geopolitics, AI, and Cybersecurity: Insights From RSAC 2026 In our recent Omdia by InformaTechTarget study, Automating Risk Reduction in the AI Era, we saw that security teams are utilizing AI across a variety of areas, including automation of various types of security testing, predictive risk modeling, and proactive threat hunting. Auto-remediation is an exciting use case for agentic AI, as this would support rapidly scaling developer productivity. However, when asked about the need for a human oversight, respondents reported various levels of needed human intervention: only slightly more than one-quarter of organizations report significant levels of automated remediation with either periodic (19%) or minimal (9%) human oversight. Fifty-seven percent require human approval for critical actions, and 14% require human approval for every action. However, the number of organizations saying AI-driven automated remediation will be executed with minimal human oversight is expected to nearly double to 17% over the next 12 to 18 months. At RSAC Conference, there were many opportunities to see security tools utilizing AI. As the products rapidly evolve, security teams will increasingly gain confidence in using agents without as much human intervention, though these tools will need human supervision for a while. Security teams will need to adapt their skills to be able to evaluate, deploy, and utilize solutions with agentic AI to be able to use them to their advantage.  Collaborating With Business Leaders and Other Teams for Secure AI Adoption Across our research studies, we often see the involvement of other teams, such as IT and operations, in selecting and using security solutions. This makes some sense because if there is a cybersecurity attack, it becomes an operational issue with impacts on the business and/or customers. Also, as groups consider adopting AI tools or applications leveraging AI, it is vital to involve security leadership. Gatherings like RSAC 2026 Conference are crucial to keep cybersecurity professionals up to date on the most effective strategies and tools to be successful in their roles. Security leaders and teams typically face challenges if they cannot support new technology adoption, or if they cause friction as other groups are striving to increase speed and productivity. We saw this pattern with the adoption of modern development processes and the move to the cloud; if security teams caused friction, other groups, including development and operations teams, could take over security. In fact, my recent study on the state of cloud security found an alarming statistic: 38% of organizations reported that their developers and DevOps team select and deploy cloud security tools without consulting security teams. Instead, we need security leaders and teams trusted and respected for their knowledge and ability to support other teams and business growth. This means security teams need to talk to other groups, align on goals, and participate in technology decisions. This requires an organizational commitment to security, building a strong cybersecurity culture so that technologies aren't rapidly adopted in ways that put companies at risk. It was exciting to present some highlights from our ISSA study at RSA and see security product innovation, cybersecurity training, networking, and mentorship in action at the conference. There is much more data to come from our study with the ISSA on this, so stay tuned for the full results from the study with recommendations for cybersecurity professionals. On the technology and process sides, stay tuned for my upcoming study on managing risk for secure enterprise AI adoption to look at how security products can arm our cybersecurity teams. Read more about: Omdia About the Author Melinda Marks Practice Director, Cybersecurity, ESG Analyst Melinda Marks leads ESG’s analyst team focused on cybersecurity. Melinda covers technologies that help organizations scale safely while adopting faster cloud-native development cycles. Melinda has over 20 years of experience in technology marketing and strategy, focusing on product value and revenue growth. She has held leadership roles at Soluble (acquired by Lacework), Armorblox, Styra, StackRox (acquired by Red Hat), Tenable, Qualys, and VMware, where she built the customer reference program and led product PR. She is a Synopsys Outreach Foundation board member and has a bachelor’s degree in English from UC Berkeley. Want more Dark Reading stories in your Google search results? ADD US NOW More Insights Industry Reports AI SOC for MDR: The Structural Evolution of Managed Detection and Response How Enterprises Are Developing Secure Applications Frost Radar™: Non-human Identity Solutions 2026 CISO AI Risk Report Gartner IGA Voice of the Customer 2026 Access More Research Webinars Identity Maturity Under Pressure: 2026 Findings and How to Catch Up Building a Robust SOC in a Post-AI World Retail Security: Protecting Customer Data and Payment Systems Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need Securing Remote and Hybrid Work Forecast: Beyond the VPN More Webinars You May Also Like CYBERSECURITY OPERATIONS County Pays $600K to Wrongfully Jailed Pen Testers by Nate Nelson, Contributing Writer FEB 02, 2026 CYBERSECURITY OPERATIONS Women Who 'Hacked the Status Quo' Aim to Inspire Security Careers by Elizabeth Montalbano, Contributing Writer JUL 16, 2025 CYBERATTACKS & DATA BREACHES DeepSeek Breach Opens Floodgates to Dark Web by Emma Zaballos APR 22, 2025 CYBERSECURITY OPERATIONS Dogged by Trump, Chris Krebs Resigns From SentinelOne by Nate Nelson, Contributing Writer APR 17, 2025 Editor's Choice CYBERSECURITY OPERATIONS RSAC 2026: AI Dominates, But Community Remains Key to Security byKristina Beek,Rob Wright APR 2, 2026 CYBERATTACKS & DATA BREACHES Not Toying Around: Hasbro Attack May Take 'Weeks' to Remediate byNate Nelson APR 2, 2026 3 MIN READ ENDPOINT SECURITY CrowdStrike Next-Gen SIEM Can Now Ingest Microsoft Defender Telemetry byJeffrey Schwartz APR 3, 2026 3 MIN READ Want more Dark Reading stories in your Google search results? 2026 Security Trends & Outlooks THREAT INTELLIGENCE Cybersecurity Predictions for 2026: Navigating the Future of Digital Threats JAN 2, 2026 CYBER RISK Navigating Privacy and Cybersecurity Laws in 2026 Will Prove Difficult JAN 12, 2026 ENDPOINT SECURITY CISOs Face a Tighter Insurance Market in 2026 JAN 5, 2026 THREAT INTELLIGENCE 2026: The Year Agentic AI Becomes the Attack-Surface Poster Child JAN 30, 2026 Download the Collection Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox. SUBSCRIBE Webinars Identity Maturity Under Pressure: 2026 Findings and How to Catch Up WED, MAY 6,2026 AT 1PM EST Building a Robust SOC in a Post-AI World THURS, MARCH 19, 2026 AT 1PM EST Retail Security: Protecting Customer Data and Payment Systems THURS, APRIL 2, 2026 AT 1PM EST Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need WED, APRIL 1, 2026 AT 1PM EST Securing Remote and Hybrid Work Forecast: Beyond the VPN TUES, MARCH 10, 2026 AT 1PM EST More Webinars White Papers How Sunrun Transformed Security Operations with AiStrike Autonomous Pentesting at Machine Speed, Without False Positives Fixing Organizations' Identity Security Posture Best practices for incident response planning Industry Report: AI, SOC, and Modernizing Cybersecurity Explore More White Papers BLACK HAT ASIA | MARINA BAY SANDS, SINGAPORE Experience cutting-edge cybersecurity insights in this four-day event featuring expert Briefings on the latest research, Arsenal tool demos, a vibrant Business Hall, networking opportunities, and more. Use code DARKREADING for a Free Business Pass or $200 off a Briefings Pass. GET YOUR PASS GISEC GLOBAL 2026 GISEC GLOBAL is the most influential and the largest cybersecurity gathering in the Middle East & Africa, uniting global CISOs, government leaders, technology buyers, and ethical hackers for three power-packed days of innovation, strategy, and live cyber drills. 📌 BOOK YOUR SPACE