Power Vacuums and AI Storms: Who’s Steering Cybersecurity’s Future?

At this year’s RSA Conference, the world’s top cybersecurity minds gathered under a cloud of uncertainty and innovation-a stage set by the conspicuous absence of US federal leadership, the assertive arrival of European regulators, and a swelling tide of AI-driven threats. As the digital battlefield rapidly evolves, the question on everyone’s mind: Who is truly in charge of defending our cyber future?

The RSAC 2026 conference unfolded amid a geopolitical shakeup. For the first time in recent memory, not a single US federal agency sent leadership or rank-and-file experts to the event-an absence attributed to political reshuffling and internal rifts, including the controversial hiring of former CISA director Jen Easterly by the conference itself. In their place, European Union officials took center stage, eager to present their own vision for cyber resilience and AI regulation.

This leadership vacuum comes at a critical juncture. With AI now driving both innovation and new forms of cyberattack, CISOs find themselves in the boardroom spotlight-tasked with enabling digital transformation while fending off machine-speed threats. As Becky Bracken of Dark Reading described, CISOs are “being asked to do the impossible,” forced to deliver on efficiency and cost savings while keeping catastrophic risks at bay. The reality? Employees are already feeding sensitive data into generative AI tools, often unaware of the exposure they create.

On the regulatory front, the EU’s methodical, feedback-driven approach to cybersecurity and AI guardrails stands in sharp contrast to America’s hands-off philosophy. While the US signals minimal intervention to encourage innovation, European regulators are forging ahead with enforceable standards, aiming for clarity and cross-border cooperation. The stakes are high: as adversaries adopt AI to craft adaptive malware-capable of morphing to evade detection-defenders must automate and accelerate their own responses just to keep pace.

Looking ahead, the specter of quantum computing looms large. Experts warn that organizations must urgently audit encryption protocols to prepare for a future where today’s cryptography could be rendered obsolete overnight. Meanwhile, the fusion of cyber and kinetic warfare-think hacked drones and battlefield networks-demands new alliances between private sector innovators and policymakers, even as political uncertainty leaves many waiting for clear direction.

As RSAC 2026 closed, the cybersecurity industry was left to grapple with a world in flux. But if there’s one constant, it’s the sector’s resilience-driven by experts who, despite the chaos, remain determined to safeguard the digital realm. In a landscape where AI arms both attackers and defenders, and where global power is up for grabs, the future of cybersecurity will be written by those agile enough to adapt-and bold enough to lead.

WIKICROOK

• CISO: A CISO (Chief Information Security Officer) is the executive in charge of protecting an organization’s information and data from cyber threats.
• AI: AI, or Artificial Intelligence, is technology that enables machines to mimic human intelligence, learning from data and improving over time.
• Quantum computing: Quantum computing uses quantum physics to solve complex problems much faster than traditional computers, thanks to special units called qubits.
• Vibe coding: Vibe Coding is the rapid generation of code using AI tools, often sacrificing quality and security for speed and volume.
• Kinetic warfare: Kinetic warfare is physical military conflict, increasingly combined with cyber attacks to disrupt, damage, or destroy enemy capabilities and infrastructure.