Snyk CEO Peter McKay Highlights Security Challenges in AI-Driven Development at RSAC

In an era where artificial intelligence is transforming software development, cybersecurity companies are racing to address new vulnerabilities emerging from this technological shift. At the recent RSA Conference (RSAC) in San Francisco, Snyk CEO Peter McKay emphasized the critical intersection of rapid development and security in the AI age.

“You want to develop fast and you want to leverage AI, you got to do it in a secure way,” McKay told NYSE’s YouTube Channel during an interview at the conference, highlighting Snyk’s platform as a solution to this growing challenge.

The annual RSAC serves as the cybersecurity industry’s premier gathering, bringing together security executives, CIOs, and CTOs from around the world. For companies like Snyk, it provides a concentrated opportunity to announce major developments and engage with partners and customers.

During this year’s conference, Snyk announced achieving FedRAMP Moderate certification, a significant milestone for the company’s government business strategy. McKay explained the certification’s importance beyond just federal contracts: “It’s not just extending our business within the federal government, but it’s also for companies that do business with the federal government… and then you extend it to state and local governments around the United States.”

The certification process, while rigorous, delivered unexpected benefits. “Getting FedRAMP is not an easy process… but it helped us as a company become so much better in the way we organize, the way we handle issues,” McKay noted, describing how it unified the company around elevated security standards.

When discussing emerging cybersecurity trends, McKay identified AI as a transformative force comparable to previous technological shifts like cloud computing. While AI offers tremendous productivity benefits that CEOs are eager to capture, it simultaneously creates new security challenges.

“Every CEO wants to get the productivity gains from AI… but what they’re coming to the realization is I need to make sure that’s all secure,” McKay said. “My developers are developing more code far faster than ever before, my security teams have to try to keep up, the attack vectors, the way a hacker can now exploit a company is just opened up exponentially.”

Perhaps most concerning is a widespread misconception about AI-generated code. McKay warned that contrary to popular belief, code produced by tools like GitHub Copilot or Cursor isn’t inherently more secure than human-written code. “Companies think, ‘Well, if Copilot or Cursor generated that code, it’s more secure than the code I was generating on my own,'” he explained. “The answer is it’s the opposite—it’s 30 to 40% more vulnerable.”

This reality creates a perfect storm: developers are producing more code faster than ever, using AI tools that may introduce more vulnerabilities, while security teams struggle to keep pace. Meanwhile, the geopolitical landscape presents additional challenges amid what McKay characterized as “perhaps less regulations, so less government oversight.”

For Snyk, these converging factors present both a business opportunity and a mission. As McKay summarized the situation: “More software is more software risk. More software risk is good for our business, but more risky for companies.”

The message from Snyk at RSAC was clear: as organizations rush to implement AI for competitive advantage, they must simultaneously strengthen their security approaches to manage the associated risks—a balance that will likely define the next era of software development.

*Source: NYSE YouTube Channel interview with Peter McKay at RSAC*