Former CISA director Jen Easterly discusses AI's transformative impact on cybersecurity, why ransomware could become 'a shocking anomaly,' and her hopes for federal agencies' return to RSAC.
Former CISA director Jen Easterly, now CEO of RSAC, sees AI as a transformative force in cybersecurity that could make ransomware a "shocking anomaly" rather than a multi-trillion dollar industry. Speaking at RSAC 2026, Easterly emphasized that cyber and AI are now "inextricably linked" and that this convergence is reshaping the entire digital ecosystem.
[IMAGE:1]
Easterly, who describes herself as a "relentless optimist," believes AI can help write more secure code, find and fix flaws, and refactor legacy systems at scale. "We can see the promise of it happening at scale, and you can see the end to the soulless cycle of patching and patching and clean up on aisle nine," she said.
While acknowledging legitimate concerns about AI-powered threats like hyper-personalized phishing, Easterly maintains that AI hasn't created any "new, novel cyber risks." Instead, she sees the technology as a tool to reduce cyber risk and improve software quality, potentially freeing the cybersecurity community to solve more difficult problems.
On the federal government's absence from this year's conference, Easterly expressed hope they'll return in coming years. "I, as a relentless optimist, believe that in the next few years we'll welcome back the US government to be part of this very important ecosystem," she said, noting that trust and collaboration are essential in cybersecurity.
Easterly emphasized that the private sector owns most critical infrastructure, making them "the most important players in the room." She hopes CISA will eventually have the resources and capability to help defend global cyberspace, but until then, the private sector must continue leading the charge.
Her vision centers on using AI not to eliminate the $250 billion cybersecurity industry, but to transform it into something more effective and less reactive - where ransomware becomes rare rather than routine, and where the community can focus on solving harder problems than patching poorly designed software.
Comments
Please log in or register to join the discussion