A Year(ish) of Countering Malicious Actors' Use of AI: What Have We Learned?
Sherrod DeGrippo, Cynthia Kaiser, Adam Maruyama, Lyn Brown
RSA Conference 2025 · Day 1 · Policy
A panel of cybersecurity practitioners, law enforcement, and legal experts convened at RSA Conference 2025 to take stock of a year's worth of real-world lessons from countering AI-enabled cyber threats. While existing laws have proven more adaptable than feared, critical gaps remain in how investigators detect AI-generated content, how thresholds for government disruption operations are determined, and how defenders can separate synthetic noise from real harm. The clearest conclusion: the legal framework is ahead of the narrative, but investigative and operational frameworks are still catching up. ---
AI review
This is the AI threat panel that should have been the keynote — actual threat intelligence data from Microsoft, actual legal framework analysis from someone who has prosecuted these cases, actual criminal LLM tooling specifics from Everfox, and a genuinely useful FBI operational update on how adversary AI-use patterns are becoming attribution signals. DeGrippo's line is the session's thesis: 'if your threat intelligence is not actionable, it's threat entertainment.'