SAN FRANCISCO — Cisco set the tone at Monday's RSAC 2025 keynote by announcing a major open-source initiative aimed at securing the future of AI, while other speakers laid out how the industry must adapt to a rapidly changing battlefield.
旧金山 — 思科在周一的 RSAC 2025 主题演讲中定下了基调,宣布了一项旨在确保 AI 未来的重大开源计划,而其他演讲者则阐述了该行业必须如何适应快速变化的战场。
Jeetu Patel, Cisco’s executive vice president and chief product officer, unveiled Foundation AI — a purpose-built, security-specific AI model trained on cybersecurity data. The model isn’t just open source in concept — Cisco is releasing the actual trained model weights as well, allowing researchers and developers to inspect, adapt and fine-tune it. Alongside that, the company is open-sourcing its full tooling framework, inviting the global security community to collaborate on safer, more transparent AI systems.
思科执行副总裁兼首席产品官 Jeetu Patel 推出了 Foundation AI,这是一种专门构建的、针对网络安全数据进行训练的特定于安全的 AI 模型。该模型不仅在概念上是开源的,Cisco 还发布了实际训练的模型权重,允许研究人员和开发人员对其进行检查、调整和微调。除此之外,该公司还开源了其完整的工具框架,邀请全球安全社区合作开发更安全、更透明的 AI 系统。
(For Complete Live RSAC 2025 Coverage by SC Media Visit SCWorld.com/RSAC)
(如需 SC Media Visit SCWorld.com/RSAC 的完整 RSAC 2025 现场报道)
Patel emphasized the urgency: "The true enemy is not our competitors — it’s the adversary."
帕特尔强调了紧迫性:“真正的敌人不是我们的竞争对手——而是对手。
He warned that fine-tuned models are significantly more vulnerable to jailbreaks and toxic outputs, citing Cisco research that showed fine-tuning can triple jailbreak susceptibility and increase harmful responses by 22x.
他警告说,微调模型明显更容易受到越狱和有毒输出的影响,并引用了 Cisco 的研究,该研究表明,微调可以将越狱敏感性增加三倍,并将有害反应增加 22 倍。
Open-sourcing AI security to defend the future
开源 AI 安全,为未来保驾护航
Jeetu Patel, Cisco’s EVP and CPO
Jeetu Patel,思科执行副总裁兼首席产品官
.
Cisco’s Foundation AI model may not be the biggest, but it’s built like a racecar for the cybersecurity track — tuned for precision, speed and efficiency rather than brute force. Specifics include:
思科的 Foundation AI 模型可能不是最大的,但它就像网络安全赛道的赛车一样构建——针对精度、速度和效率进行了调整,而不是蛮力。具体内容包括:
它由 80 亿个参数提供支持,这些参数就像数字大脑中的神经元。它足够大,可以执行检测和响应威胁等复杂任务,但又足够小,可以保持敏捷,这与试图满足所有人需求的大型通用模型不同。
它使用 50 亿个精心挑选的代币进行训练;将这些视为模型为学习网络安全而研究的单词、模式和行为。这 50 亿是从大海捞针的 9000 亿大海捞针中精心挑选出来的。这就像从整个库中选择最相关的章节 — 跳过繁琐的章节,准确地向模型传授它需要了解的有关威胁检测、勒索软件策略和响应工作流程的信息。
也许最关键的是,它足够轻,只需一个或两个 A100 GPU(用于训练 AI 的强大芯片)即可运行。大多数通用模型需要 30 倍。这就是需要一个完整的数据中心来运行您的模型,或者将其安装在安全的企业机架中的区别。这不仅仅是成本问题,还涉及使 AI 支持的安全性具有可扩展性和可访问性。
Patel framed this move as necessary in a world shifting from human-scale security to machine-scale threats.
Patel 认为,在从人类规模的安全威胁转变为机器规模的威胁的世界中,这一举措是必要的。
“Security is now the biggest accelerator for AI adoption, not an inhibitor,” he said.
“安全性现在是 AI 采用的最大加速器,而不是抑制因素,”他说。
Cybersecurity’s greatest strength? Community
网络安全的最大优势是什么?社区
Setting the broader tone, Hugh Thompson, executive chairman of RSAC, opened the conference with a call to unity and adaptability.
RSAC 执行主席 Hugh Thompson 在会议开幕式上呼吁团结和适应能力,从而定下了更广泛的基调。
"Community — it's what makes us strong in cybersecurity," he said, encouraging the 44,000 attendees to embrace change and new connections with a "Bayesian mindset," being open to updating assumptions as new information arrives.
“社区 — 这是我们在网络安全方面强大的原因,”他说,并鼓励 44,000 名与会者以“贝叶斯思维方式”拥抱变化和新的联系,随着新信息的到来,对更新假设持开放态度。
Hugh Thompson, executive chairman of RSAC
Hugh Thompson,RSAC 执行主席
.
Thompson also pointed to two seismic trends for the next 18 months: the transformation of application security into AI-driven defenses, and the surge of adversarial attacks specifically targeting AI models.
Thompson 还指出了未来 18 个月的两个重大趋势:应用程序安全转变为 AI 驱动的防御,以及专门针对 AI 模型的对抗性攻击激增。
Agentic AI will redefine cybersecurity — if we secure it first
Agentic AI 将重新定义网络安全 — 如果我们首先保护它
Vasu Jakkal, corporate VP, Microsoft Security, then offered a sweeping look into the rise of agentic AI — autonomous digital systems that will soon collaborate with one another and with humans to reshape cybersecurity, governance and daily life.
Microsoft 安全公司副总裁 Vasu Jakkal 随后全面介绍了代理 AI 的兴起,代理 AI 是自主数字系统,很快将相互协作并与人类协作,以重塑网络安全、治理和日常生活。
Vasu Jakkal, corporate VP, Microsoft Security
Vasu Jakkal,Microsoft 安全公司副总裁
"Today, AI helps us with triage," Jakkal said. "By 2027, agents will predict attacks, dynamically adjust access permissions and autonomously enforce security policies."
“今天,AI 帮助我们进行分类,”Jakkal 说。“到 2027 年,代理将预测攻击、动态调整访问权限并自主执行安全策略。”
She cautioned that as agentic AI grows more powerful, security models must evolve alongside it.
她警告说,随着代理 AI 变得越来越强大,安全模型必须随之发展。
“AI is not static — and security can't be static, either," she emphasized.
“AI 不是静态的,安全性也不可能是静态的,”她强调说。
(For Complete Live RSAC 2025 Coverage by SC Media Visit SCWorld.com/RSAC)
(如需 SC Media Visit SCWorld.com/RSAC 的完整 RSAC 2025 现场报道)
To underscore just how rapidly this transformation is happening, Jakkal shared a timeline mapping the "evolving stages of autonomous AI for security."
为了强调这种转变的速度有多快,Jakkal 分享了一份时间表,描绘了“用于安全的自主 AI 的演变阶段”。
她说,如今,大多数网络安全 AI 系统都在 0 级运行,即模仿人类行为并自动执行基于规则的重复性任务。
在六个月内,许多组织将进入 1 级,AI 代理将对任务进行推理并使用工具来实现特定目标。
到 12 个月到 18 个月时,我们将进入 2 级,代理能够自我修改或优化以更好地实现他们的目标。
Jakkal 预测了 18 个月到 24 个月后,3 级自动驾驶即将到来,其中 AI 代理将动态调整自己的目标,以应对不断变化的威胁,同时最大限度地减少人工干预。
The implications, she said, are profound: cybersecurity will shift from being a reactive discipline to a predictive one.
她说,其影响是深远的:网络安全将从一门被动学科转变为一门预测性学科。
"Security mechanisms must evolve from static verification to dynamic, probabilistic verification," she noted.
“安全机制必须从静态验证发展为动态的概率验证,”她指出。
Microsoft’s internal numbers underline the urgency:
Microsoft 的内部数据强调了这种紧迫性:
密码攻击已从去年的每秒 4,000 次跃升至今天的每秒 11,000 次。
跟踪的威胁行为者在一年内从 300 人增加到 1,500 人,数量翻了五番。
Jakkal emphasized that governance, identity verification, data privacy and dynamic risk management must be embedded into the design of every AI agent from the start.
Jakkal 强调,治理、身份验证、数据隐私和动态风险管理必须从一开始就嵌入到每个 AI 代理的设计中。
“It takes a village,” she said, echoing the conference’s broader theme of collective resilience.
“这需要一个村庄,”她说,这与会议更广泛的集体韧性主题相呼应。
Why community intelligence is our greatest defense
为什么社区情报是我们最大的防御
John Fokker, head of threat intelligence at Trellix, brought the conversation back to the human adversary, spotlighting how ransomware gangs like Black Basta now operate as full-fledged businesses — sometimes with government backing.
Trellix 威胁情报主管 John Fokker 将对话带回了人类对手,强调了像 Black Basta 这样的勒索软件团伙现在如何作为成熟的企业运作——有时得到政府的支持。
John Fokker head of Threat Intelligence, Trellix
John Fokker Trellix 威胁情报主管
Through leaked internal chats, Fokker’s team confirmed Black Basta’s deep ties to Russian protection networks.
通过泄露的内部聊天,福克的团队证实了 Black Basta 与俄罗斯保护网络的深厚联系。
"They have HR departments, cafeterias and powerful friends," he said. "The connection between nation-states and cybercriminals is clearer than ever."
“他们有人力资源部门、自助餐厅和有权有势的朋友,”他说。“民族国家和网络犯罪分子之间的联系比以往任何时候都更加清晰。”
Yet, Fokker’s message remained hopeful: collaborative intelligence can outpace even state-backed adversaries.
然而,福克传达的信息仍然是充满希望的:协作智能甚至可以超过国家支持的对手。
"We are one team, working together," he said. "And when we work as one community, there is no question we will reach the top."
“我们是一个团队,一起工作,”他说。“当我们作为一个社区工作时,毫无疑问我们会达到顶峰。”
Grammy-winning artist Common
格莱美获奖艺术家 Common
The day's keynotes opened with Grammy-winning artist Common, who delivered a stirring reflection on unseen service, resilience and community.
当天的主题演讲由格莱美奖得主艺术家 Common 开场,他对看不见的服务、韧性和社区进行了激动人心的反思。
"The creator I see in me is the creator I see in you," he told the audience, celebrating cybersecurity professionals for protecting strangers they may never meet.
“我在我身上看到的创造者就是我在你身上看到的创造者,”他对观众说,赞扬网络安全专业人士保护了他们可能从未见过的陌生人。
RSAC 2025 made one thing clear: innovation alone won't define the future of cybersecurity — community will. As threats evolve and AI accelerates, it’s the strength of the connections forged here that will determine what comes next.
RSAC 2025 明确指出了一件事:仅靠创新并不能定义网络安全的未来,社区会。随着威胁的演变和 AI 的加速发展,这里建立的联系强度将决定下一步会发生什么。
(For Complete Live RSAC 2025 Coverage by SC Media Visit SCWorld.com/RSAC)
(如需 SC Media Visit SCWorld.com/RSAC 的完整 RSAC 2025 现场报道)
