All things Cybersecurity was found at this year’s RSAC Conference in San Francisco, California. If you missed this conference this year, let me fill you in with the details. This year’s theme of the conference was “Many Voices. One community”. The conference echoed just that with cyber professionals, enthusiasts, and problem solvers coming from all over the world to have meaningful conversations and share ideas amongst one another. From Microsoft demos to a Crowd-strike sponsored Falcon relaxation lounge, to adorable puppies being on the expo floor, this conference had it all for everyone.
While I had the opportunity to speak to many executives and Cybersecurity professionals, I also got to sit in on a SailPoint session where the topic was “The core of enterprise security is identity”. Who is SailPoint and what do they do? Well, they are a company that helps organizations secure access to critical data and applications. By doing this they can ensure the right access is given to the right identities at the right time. The problem SailPoint expressed in the session is that “69% of companies have more machine identities than human identities and 47% have ten times more”. You might wonder why that is a problem. It’s a problem because if these machine accounts, bots, and service accounts have no identity, that means they are untraceable and are not managed properly. This is very risky for organizations from a security aspect because if you don’t know what the account is or what it does, access cannot be restricted properly, and it could be compromised. A direct quote I took away from this conversation is “You can’t protect something you don’t see”. SailPoint is remediating this issue by their very own “Machine Account Discovery” feature. This was introduced in this session, and it piqued my interest especially with AI being involved. This feature helps manage all machine accounts by automatically inventorying them using AI. Scans are conducted hourly which helps identify new machine accounts for you to review in real time. This will strengthen security, simplify audits, and save a lot of time when it comes to tracking them down. I thoroughly enjoyed sitting in on this session and diving deeper into the problem of identity security and how SailPoint is remediating it.
While sitting in on the sessions were extremely informative and exciting, interviewing some Cybersecurity professionals and CEOs gave me a thrill of excitement! The RSA Conference 2025 brought together some of the most dynamic voices in Cybersecurity—from technical pioneers to community builders, and from stealth-mode disruptors to diversity champions. I had the opportunity to speak with several influential leaders about the evolving threat landscape, lessons in leadership, and what it takes to make cybersecurity more effective and inclusive.
Mick Baccio- Security Researcher, Splunk SURGE Team
Mick Baccio represents Splunk’s SURGE (Security Research Group), which focuses on long-form, data-backed Blue Team research to improve global cyber defense strategies. He emphasized that newcomers should stay curious and avoid limiting themselves early on. “You won’t learn everything,” he said, “but find your niche and enjoy the ride.” He also said “Cybersecurity is such a unique feeling, such a unique environment to work in that’s ever changing, and it’s easy to lose sight of what you’re doing day to day. And some of the environment you’ll come into, some of the people you’ll come in contact with, I think the community that you’ll build over your career is one of the things you’ll take with you forever.” I could really appreciate this advice due to me being young in my career and still trying to navigate how I am supposed to reach my potential. Not losing sight of my end goal is a great path to start on.
As a former CSO of a U.S. presidential campaign, Baccio noted that technical expertise alone isn’t enough in leadership—clear and adaptable communication is just as vital. If he weren’t in security? He’d be sipping coffee at a cyber-themed cat café.
Nitesh Sinha- CEO & Founder of Sacumen
Nitesh Sinha is the founder and CEO of Sacumen which stands out in the cybersecurity landscape by working exclusively with product companies to build scalable, secure integrations. With over 3,600 connectors developed across cloud, storage, SIEM, and DevOps categories, Sacumen accelerates innovation through its Sacronix low-code platform and AutoX, the world’s first automated connector testing tool.
When it comes to trust, Sacumen’s philosophy is clear: specialize deeply and never overpromise. Their advice on cybersecurity culture? Lead by example—especially at the executive level—and treat education as the cornerstone of all security initiatives.
I asked Nitesh what’s the key to building a Cybersecurity culture that actually sticks with employees at every level? His response was “It is you who invest money on things of any of the Cybersecurity initiatives that will possibly be successful there. But if you don’t do the groundwork to enable your workforce, right? And if they don’t realize the importance of it then nothing will succeed there.” I think this is so true and is really an underrated concept in organizations when thinking about key Cybersecurity culture.
Outside of cyber, Nitesh joked he’d be either a marketer or a struggling Bollywood actor.
Tennisha Martin- Executive Director & Founder of Black Girls Hack
Tennisha Martin leads Black Girls Hack, a nonprofit creating pathways into tech and Cybersecurity. The Black Girls Hack organization offers hands-on classes, long-term training programs, and hosts the SquadCon conference in Las Vegas. Her organization is helping change the face of cybersecurity—one person at a time.
Her advice to Black women in the field? Start early, develop practical skills, and surround yourself with a strong support network. “Community is everything,” she emphasized.
When I asked what the biggest Cybersecurity threat in companies and organizations is today, she expressed it’s the people. Something she said that stood out to me was “I think that security is often an afterthought, and a lot of companies are very quick to put things to market, like super-fast, with security as an afterthought. And I think that when that happens, what you have are, you know, people who end up being in the weakest link, causing security issues through poor configurations, though, you know, improper testing, and evaluation, improper security.“ “Because, you know, you’re only as strong as your weakest link, and if that’s your people, then, you know, you’re obviously in big trouble.” Hearing this made me understand truly the importance of companies hiring the right people in every aspect.
In our discussion, Tennisha also shared about the conference Squad Con which is powered by her organization. The conference happens every year in Las Vegas and this year it will be held August 5th-6th at the Sahara Las Vegas Hotel & Casino. This conference is all about addressing underrepresentation in the file of Cybersecurity. She said “This conference attempts to provide more diverse voices in terms of the research that’s presented in the people who are attending. So, we have a lot more women speakers than a lot of the conferences do.” There is a small percentage of women in technology, specifically Black women in technology and the Cybersecurity spaces so having a conference that supports tackling that problem is amazing!
Dr. Tina Srivastava- Co-Founder of Badge Inc.
At Badge Inc., Dr. Tina Srivastava and her team are on a mission to eliminate stored credentials from the digital identity equation. Their credential-free approach reduces breach risks by removing the very assets attackers seek. Badge enables privacy-preserving authentication to every application, on any device, without storing user secrets or PII. Badge’s patented technology allows users to derive private keys on the fly using their biometrics and factors of choice without the need for hardware tokens or secrets. Badge was founded by field-tested cryptography PhDs from MIT and is venture-backed by tier 1 investors. Customers and partners include top Fortune companies across healthcare, banking, retail, and services.
When I asked Tina what is the biggest mistake companies are making right now when it comes to Cybersecurity, she said “storing identity credentials is the number one mistake companies are still making, companies need to get educated that now the tide has turned on cyber defense, and it is now possible to eliminate those credentials so that you’re no longer make yourself a target to attackers and criminals. ” she warned.
Continuing our discussion, Tina expressed that scaling a company with global applicability has taught her the value of focus and disciplined growth. Her advice to future women leaders in cyber? “Be fearless. Do what you love, regardless of what others say.”
Away from the Cybersecurity world, she’s a licensed pilot and aerodynamics instructor at MIT. If not at Badge, she’d be flying above San Francisco, taking in the view from the clouds.
Across each conversation, one theme rang loud and clear: the human element—whether through leadership, education, or innovation—is at the heart of both the problem and the solution in cybersecurity. Whether it’s eliminating risky credentials, building community, or leading with clarity and integrity, these leaders are shaping a future where security is smarter, stronger, and more equitable.
The experiences I had, the conversations I was able to be a part of, and the cyber magic I got to see from this conference was amazing. Being young in my career as a rising Cybersecurity professional, it was amazing to speak with a variety of people in different roles within the Cybersecurity world. I look forward to taking all that I absorbed at this conference into my future endeavors and being a part of the Cybersecurity world that is forever changing!
About the Author
Victoria Hargrove is an award-winning independent Reporter for Cyber Defense Magazine and a 2024 graduate of George Mason University, where she earned a Bachelor of Science in Management Information Systems. Her academic journey included a comprehensive focus on cybersecurity, with coursework in networks and security, information security and assurance, programming, and networking, among other areas. Building on this foundation, she is attending Old Dominion University where she is earning her Master’s degree in Cybersecurity. Currently employed as a full-time Cybersecuity Threat Analyst at TJX Companies, Victoria’s role involves critical responsibilities such as identifying security threats, investigating phishing attacks, and remediating various security issues. Her experience in these areas allows her to apply her theoretical knowledge to real-world challenges, positioning her as a skilled professional in the cybersecurity domain.
In addition to her academic and professional goals, Victoria is deeply committed to community engagement, particularly in supporting underrepresented groups in technology. She believes that education is a powerful tool for creating opportunities, and she is passionate about mentoring and outreach. In her own words: “Education has opened doors for me, and I aspire to do the same for others. Mentorship and outreach for underrepresented groups in technology is something I’m passionate about. I know true success is measured by how much we can lift others as we climb.” As she continues to advance her knowledge and expertise, Victoria remains eager to engage in research and tackle the evolving challenges of the Cybersecurity landscape.
Victoria can be reached online at [email protected].
