AI Is Accelerating Cyber Risk. Visibility Is Struggling to Keep Up.

At the RSA Conference 2026 in San Francisco, Frost & Sullivan’s Jarad Carleton sat down with Gareth Maclachlan, Chief Operating Officer at Gigamon, for a timely interview about cybersecurity’s biggest challenges. What stood out was not another sweeping prediction about AI transforming security. Instead, it was a grounded discussion about what organizations are facing right now: rapidly expanding attack surfaces, fragmented visibility, and growing uncertainty around AI adoption.

One of Gareth’s strongest points was that the economics of cyberattacks have fundamentally changed. AI is not just helping defenders move faster. It is helping attackers do the same. He referenced examples where AI-driven attacks could identify exposed endpoints and prepare data exfiltration in a matter of hours. That shift compresses the time security teams have to detect and respond.

Not surprisingly, given Gareth’s current role and Jarad’s research focus, the conversation repeatedly came back to visibility as the critical foundation. Not visibility in the traditional sense of collecting more logs, but comprehensive network visibility across hybrid cloud, on-premises infrastructure, encrypted traffic, and increasingly dynamic AI environments. Gareth challenged the assumption that cloud logs alone provide sufficient insight, explaining that organizations are still missing critical East-West traffic and cloud-to-cloud interactions.

Another standout theme was the rise of shadow AI. While many organizations are focused on controlling access to public AI tools, internal experimentation often flies under the radar. Open-source models deployed inside enterprise environments can unintentionally introduce entirely new attack surfaces. According to Gareth, this is where network-level visibility becomes essential because it allows security teams to detect activity that conventional monitoring tools may never see.

Jarad also pushed the conversation into the operational realities security leaders are facing. Tool sprawl remains a challenge, but Gareth noted that organizations are beginning to rethink their architectures entirely. Rather than every tool independently collecting and processing data, enterprises are moving toward centralized telemetry strategies where data is collected once and used across multiple security and operational use cases.

The discussion around deep observability was particularly compelling because it moved beyond industry buzzwords. Gareth described traditional observability as fragmented point-in-time snapshots, while deep observability provides a continuous understanding of how data moves across systems. For incident response teams, that difference matters. It means less time piecing together isolated alerts and more time understanding the full scope of an attack.

Perhaps the most practical takeaway for IT and security leaders was Gareth’s emphasis on fundamentals. We all know this: AI architectures are evolving too quickly for anyone to confidently predict the end state, and to secure it. Instead of chasing every new technology trend and AI security product, organizations should focus on building durable foundations now: visibility across all traffic flows, identity awareness, and endpoint instrumentation. Those capabilities will remain relevant no matter how AI strategies evolve.

For leaders trying to balance AI innovation with cyber resilience, this conversation offers a refreshingly practical perspective. It is less about hype and more about preparing organizations for a world where both innovation and risk are accelerating at the same pace. Read the full Frost & Sullivan interview with Gareth Maclachlan to explore the deeper discussion around AI, telemetry, and the future of deep observability.

CONTINUE THE DISCUSSION

People are talking about this in the Gigamon Community’s AI Exchange group.

Share your thoughts today