Wrapping Up RSAC 2026: AI Takes Center Stage
As the final day of RSAC Conference 2026 drew to a close, Kelly Jackson Higgins, editor-in-chief of Dark Reading and VP of cybersecurity editorial at Informa TechTarget, joined colleagues Jamison Cush and Sabrina Polin in Broadcast Alley for a wide-ranging conversation about the state of the industry. Their discussion touched on the explosive growth of artificial intelligence in cybersecurity, the collaborative coverage strategy spanning Informa TechTarget's three security brands, and two decades of watching the industry evolve from a small technical gathering into a massive commercial ecosystem.
The week's programming was dominated by conversations around AI, emerging threats, and the structural challenges organizations face when trying to adapt to a rapidly shifting technological environment. Jackson Higgins offered a perspective shaped by years of close observation — and her conclusions were striking in their candor.
Agentic AI Arrived Ahead of Schedule
Perhaps the most pointed observation Jackson Higgins made concerned the speed at which agentic AI became a practical reality rather than a speculative talking point. Just one year ago, the prevailing sentiment at industry gatherings was that agentic AI was on the horizon — interesting, inevitable, but not imminent. That assumption proved incorrect.
"Last year there was a conversation about 'Oh agentic AI is next, and it's going to take a while.' Well, it happened way faster. I feel like we're in this AI wave that is nothing we've seen before in the industry in terms of cyber advancements. It happened much faster than we expected, and it's happening faster than a lot of organizations are ready for."
That acceleration has had direct consequences for how organizations are positioned relative to threat actors. A widely held hope entering this period was that the industry might use AI to finally get ahead of adversaries. According to Jackson Higgins, that window closed without producing the desired outcome. "The big conversation I know in the past year was, 'Well, this is our chance to get ahead of the bad guys.' That didn't happen. So now most companies are paying catch-up."
Meanwhile, security vendors have responded by flooding the market with AI-powered tools of varying quality and transparency. Jackson Higgins cautioned that organizations evaluating these products need to understand what is actually happening under the hood — not simply accept marketing claims at face value.
Three Brands, One Strategic Vision
A significant portion of the conversation focused on how Informa TechTarget is approaching cybersecurity coverage across its trio of brands: Dark Reading, Cybersecurity Dive, and TechTarget SearchSecurity. The three brands have operated under the same corporate umbrella for roughly a year and a half, and Jackson Higgins addressed early concerns about whether the arrangement might result in duplicated effort or brand cannibalization.
The answer, she explained, lies in fundamentally different audience strategies and content philosophies. Each publication serves a distinct reader with distinct needs:
- Cybersecurity Dive approaches topics from the CISO and cyber-risk perspective, producing news stories suited to senior decision-makers.
- Dark Reading applies what Jackson Higgins called a "news analysis secret sauce" — deeper editorial context layered onto breaking developments.
- TechTarget SearchSecurity delivers deeply researched, technically detailed pieces for practitioners who need comprehensive, reference-quality information.
The teams coordinate through weekly meetings and a shared planning spreadsheet that tracks story assignments across all three outlets to avoid overlap. Staff staggered their arrivals and departures at RSAC 2026 to maximize on-the-ground resource coverage, and the broader editorial team gathered for a shared dinner on Tuesday evening of conference week.
"I like to say we're a 360 of a topic," Jackson Higgins said. "You literally have the best of three worlds with the three brands."
Twenty Years of Watching the Industry Grow
With Dark Reading marking approximately 20 years of publication, Jackson Higgins was asked to compare the cybersecurity landscape of 2006 with the one on display at RSAC 2026. The contrast is substantial by almost every measurable dimension.
When Dark Reading launched, Jackson Higgins was the third employee, hired just one month after the publication went live. The security vendor community at the time was a fraction of its current size. Rather than the roughly 4,000 vendors now present at events like RSAC, the market consisted of perhaps a handful of dedicated security companies alongside networking firms — such as those selling firewalls — and antivirus providers. The conference itself was smaller, more technically focused, and still closely tied to its origins as a forum centered on the encryption work of RSA the company.
One of her first editorial mandates was to interview the pioneers who had organically built the security industry — engineers and researchers who broke systems to expose vulnerabilities and forced software vendors to take security seriously. That grassroots, community-driven character defined the early years.
"It was so small that everyone knew everyone," she recalled. "We got to get to know the industry in its early days."
Despite the dramatic growth in scale — from a small technical conference to a sprawling trade show — Jackson Higgins noted that some of that original community feeling persists. Equally persistent, however, are certain foundational problems that the industry has struggled to solve across two decades: authentication weaknesses and software vulnerabilities remain as stubbornly relevant today as they were when Dark Reading first started covering them.
History as a Guide for What Comes Next
The conversation at RSAC 2026 made clear that the cybersecurity industry is navigating a moment of genuine discontinuity. AI is not simply another incremental technology — it is compressing timelines, shifting the balance of offense and defense, and demanding that organizations make strategic decisions before the dust has settled on what the technology can actually do.
Jackson Higgins emphasized that while the speed of change is unprecedented, the industry's history offers valuable lessons. Understanding how past challenges were addressed — or failed to be addressed — remains essential context for anyone trying to chart a path forward. The persistence of old problems alongside the emergence of new ones means that neither complacency about legacy risks nor fixation on novelty is an adequate response to the current environment.
For security professionals, CISOs, SOC managers, and risk practitioners trying to make sense of an industry that now encompasses thousands of vendors and an AI-accelerated threat landscape, the message from RSAC 2026 was unambiguous: the pace of change is not slowing down, and catching up will require deliberate, informed action rather than reactive improvisation.
Source: Dark Reading