I was on the ground last week at RSAC 2026 in San Francisco, and it will come as no surprise that AI, namely agentic AI, was the star of the show.
At last year’s event, agentic AI seemed more like a buzzword than a reality for most exhibitors and attendees. This year, agentic AI felt more tangible. Identity security and the rapid rise of cyberthreats driven by AI were also big topic drivers.
Notable sessions included Jeetu Patel of Cisco discussing the need to view AI agents as digital coworkers, Sandra Joyce of Google highlighting the speed and sophistication of modern threats and Nadir Izrael of Armis exploring defense strategies against AI-driven attacks.
As I worked my way around the show floor, I noticed there were no puppies or goats to pet this year, the focus definitely shifted to a more “let’s get down to business” vibe. Companies were focused on securing AI systems, using AI to enhance security tools and finding real solutions to security threats.
I spoke with Rich Marcus, Optro’s Chief Information Security Officer, and asked him what keeps him up at night, and his answer reflected what probably keeps many in the industry up: “The thing that keeps me up at night is the idea that attackers are leveraging AI to get better at what they do. They’re doing it presumably for a very low cost, and with people with somewhat lower skill levels. There’s a danger that they’ll leapfrog ahead of defenders if we can’t keep up. We have to keep up in kind with the attackers in terms of how efficient we can be from a cyber and a GRC perspective, or we’re gonna lose.”
Delinea’s Justin Ordman said organizations are facing real identity security risks as they rapidly adopt AI, citing a new Delinea report based on a survey of more than 2,000 IT decision-makers. Findings revealed that 90% of organizations are under pressure to relax identity controls for AI initiatives, leading to visibility gaps and increased nonhuman identity risk.
So, it makes sense. IT professionals no longer have time to pet the puppies and goats. It is time to focus on work, stay ahead of the hackers and be innovative.
If you weren’t able to attend the event, don’t fret. RSAC has posted many of this year’s keynotes on its YouTube page. Check them out, here.
If you like these insights on AI, sign up for the AI Impact SmartBrief, our twice-a-week practical newsletter on AI.