Hello, and welcome to our coverage of this year’s RSA Conference in San Francisco. It’s day one for the cybersecurity industry’s largest serious, suited-and-booted confab, the others being the annual pilgrimage to Las Vegas in August for shorts-appropriate Black Hat, and its more feral nephew, Defcon.

RSAC, however, is all about the vendors and we plan to bring you the news, trends and concerns that CISOs must know. This year, the main topic will be agents. Not the federal kind—the U.S. government has sharply pulled back its presence in San Francisco this time, after several years in which even the National Security Agency had a booth and handed out stickers with vaguely terrifying slogans. Instead, we're talking agentic artificial intelligence.

After the initial craze around generative AI, companies have realized that more focused, task-specific algorithms, or agents, provide a better return on time and investment. And, subsequently, a sharper commercial opportunity. Identity companies are champing at the bit to provide tech to manage agents.

Other issues abound, of course. Critical infrastructure is in the spotlight as tensions rise between the U.S. and China. Soul-searching continues within the industry after President Trump targeted former Cybersecurity and Infrastructure Security Agency chief Chris Krebs with an executive order.

I’ll be reporting from the conference and its many fringe events. Anything I should know? Shoot me an email – james.rundle@wsj.com.

More news below. 

Cuts to U.S. foreign aid degrade Ukraine cyber defenses. The National Security Agency and the U.S. Agency for International Development, in particular, have provided tech help and funding to Ukraine as it battles Russian hackers. Now contracts, personnel and money have been stopped or paused. (Bloomberg)

Elon Musk's X sues Minnesota to overturn ban on political deepfakes. The suit claims the state ban on fake audio, images and video intended to influence elections violates federal free speech rights. The 2023 law also makes social networks responsible for policing content, the X suit says. (Associated Press)

Hack at benefits administrator puts data of four million people at risk. Houston-based VeriSource Services, which manages benefits for employers across the U.S. said a 2024 cyberattack compromised personal information, including Social Security numbers

• The company urged those who receive breach letters to watch their financial accounts for signs of unusual activity. 

• Related from WSJ: Former Trump Official Targeted With Government Probe Vows to Fight

Microsoft in May plans to roll out its controversial Recall feature that makes copies of user activity every few minutes. Recall, powered with AI, allows users to find recent work, email, photos and links, the company says. The feature brings potential privacy problems, such as storing passwords in plain text, critics say. (Bleeping Computer)

• Related from WSJ: I Tried Microsoft’s New AI-Focused PCs. Windows Is Exciting Again.

The WSJ Pro Cybersecurity team is Deputy Editor Kim S. Nash (on X @knash99), and reporters Angus Loten, James Rundle and Catherine Stupp (@catstupp). Follow us on X @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.