Cybersecurity CEO Summit Sets The Tone For An AI-Defined RSAC

I had an opportunity to chat with Brian White, co-head of technology investment banking at Piper Sandler, ahead of the firm’s 2026 Cybersecurity CEO Summit, held on the Monday of RSAC week in San Francisco. White has been running this event for five or six years now. This year, roughly 720 people registered, representing about $14 trillion in strategic market capitalization and $5 trillion in investor assets under management. That’s a lot of capital in one room with a lot of unresolved questions.

“AI Security” Is Not a Useful Term

I told White upfront that I’ve been trying to cut through the AI noise in most of my conversations this year. I hear two things constantly from executives and vendors: AI is snake oil and smoke and mirrors, or AI is going to cure world hunger by Friday if you just push a button. The reality is somewhere in the middle. There are real advantages and real use cases, but it’s not magic, and slapping the word AI on your product doesn’t tell me much.

White put it this way: “AI security is not an all-encompassing term, because what you need to understand is what the AI is used for.” He breaks it into four questions worth keeping in mind as you walk the RSA floor: How do you securely deploy AI? How do you build and train AI securely? How do you defend against AI-accelerated threats? And how will AI outpace today’s security controls? Ask a vendor those four questions and you’ll learn more than their keynote will tell you.

Security has been embedding machine learning into detection and response for years. That’s not new. What’s changed is generative AI and agents that can take autonomous actions—and those introduce risks that are genuinely different. Rogue AI agents have already been documented as overriding antivirus software and leaking credentials. Adversaries are using AI to run faster, more targeted attacks. The threat environment isn’t waiting for the industry to sort out its terminology.

White and I talked about AI in the SOC, which is probably the clearest near-term use case. The grunt work of correlating logs, triaging alerts, and hunting for patterns has always been the kind of task machines handle better than people. Putting an AI agent on level-one SOC work isn’t a leap. White’s view is that AI has real potential to change how alerts get triaged and push analysts toward higher-order work.

The Deals Are Real Even If the Terminology Isn’t

Whatever confusion exists around AI definitions, the M&A numbers aren’t ambiguous. Security mergers and acquisitions hit $76 billion in 2025, up from $21 billion in 2024, accounting for 11 percent of all technology deal spending. The deal count reached 314 transactions. And these weren’t small tuck-ins—Google’s acquisition of Wiz at $32 billion was reportedly the largest in the company’s history. Palo Alto’s pickup of CyberArk came in at $25 billion.

What’s also worth noting is who’s buying. ServiceNow, Mastercard, Mitsubishi, and HPE—none of them are traditionally thought of as security companies, and all of them made significant security acquisitions in the past year or so. When companies that far outside the traditional security buyer pool start writing big checks, it says something about how the market has shifted.

White’s read on what’s driving the pace is that it’s not just excitement—it’s necessity. “Larger buyers are increasingly doing their best to consolidate, particularly where there is a known solution. They are looking for innovation where there is an unknown threat and a novel approach required.” The startups that are essentially features in search of a business model are getting sorted out. The ones solving problems that large platforms can’t or won’t address are getting acquired or funded.

On the venture side, the numbers tell the same story. Saviynt pulled in $700 million in December 2025. Cyera raised $540 million in June and another $400 million in January 2026. ReliaQuest closed $500 million in March 2025. Across AI security specifically—automated red teaming, runtime security, agentic endpoint protection—a dozen acquisitions totaled over $3 billion in the second half of 2025 alone.

Platformization and Who’s Winning

White keeps coming back to CrowdStrike and Palo Alto as the likely long-term winners. Two very different strategies, he noted, but both are working. CrowdStrike has been selective about what it buys while running one of the tighter operations in enterprise software. Palo Alto has been more aggressive—buying into identity, absorbing the IBM QRadar customer base, and systematically filling out the platform.

I pushed back a little on the permanence of that position. I’ve been covering cybersecurity for more than two decades, and in 2005, Symantec and McAfee looked like immovable fixtures. White didn’t disagree with the historical observation, but he made a point I think is fair: George Kurtz still runs CrowdStrike the way a founder runs a company—hands on the product, paying attention to what’s actually changing. That’s a different posture than Blockbuster’s leadership had when Netflix showed up.

Why It’s Worth Being There Monday Morning

White started the summit because RSAC doesn’t really have a format for sitting down and thinking clearly about where the market is heading. The show floor is good for networking and running into people you haven’t seen in a year. It’s not great for figuring out what’s actually changing.

The agenda this year covers a lot of ground. Nikesh Arora at Palo Alto is opening. There are panels on what’s happening in public and private markets, sessions on agentic security, data security, MSP demand, and OT. Kevin Mandia is on the agenda with his new company, Armadin—White flagged it as a business that couldn’t have been built without the new engineering tooling AI enables. ServiceNow is back after a strong showing last year, this time with nearly $9 billion in security acquisitions to account for since they were last in the room.

I’ve gone to RSA for years. For a long time, Monday was just a travel day. After talking to White, I’m rethinking that.