Identity security at RSAC 2026: The new enterprise dynamics

Threat landscape: Increasing threat velocity

RSAC week kicked off with events from Microsoft and Google, and the consistent message that adversaries were using AI to increase the volume, speed and sophistication of their attacks. Long story short, adversaries are using AI to dramatically amp up their efforts. While the attacks might not be super-sophisticated today -- better phishing lures, etc. -- attackers will learn and get progressively better, especially because they can now deploy agents for malicious purposes.

While everyone has opinions on the risks and where the threats will emerge, these are early days for deploying AI agents, and the risks in the field have yet to emerge in volume. Researchers have found many vulnerabilities, but actual events or compromises causing significant business damage have yet to appear. Given how enterprises are embracing agentic AI across their businesses, it is a matter of when -- rather than if -- they will face attacks or incidents.

The increased attacker velocity with AI needs to be countered by defender velocity that is also powered by AI. The topics on most RSAC attendees' minds were how defenders can up their game using AI agents and ensuring that enterprises use agents securely.

Finding the signal in the AI security marketing noise

From a defender's perspective, the volume of the AI agent message was cranked to 10, but there was distortion coming out of the speaker. Signage blared "security for AI agents," but there was little clarity about the layers comprising a complete solution for AI agent security. An AI agent security stack has many layers: AI security posture management; data security, including data security posture management and data loss prevention; identity security -- i.e., governance, fine-grained access control, lifecycle management; and data and cyber-resilience for AI agents, including backup and recovery, ensuring AI infrastructure, retaining AI agent logs, etc.

The AI agent phenomenon is relatively new, and it will take time for enterprises, security practitioners and the cybersecurity ecosystem to figure out how the cybersecurity pieces fit together. The various technology providers are approaching it from different perspectives. When it comes to identity security for AI agents, three approaches stand out:

• Cybersecurity platform players. Bigger cybersecurity players have a comprehensive "we will solve your AI agent issues" approach to solve the broad range of AI agent security challenges. That runs the gamut from prompt injection attacks and model poisoning to governing and securing agent identities. These players include Cisco, CrowdStrike, Microsoft, Palo Alto Networks, CyberArk and Thales.
• Identity platform players. Enterprises have already invested in identity governance and administration, privileged access management, access management, identity security posture management and identity threat detection and response. It is a natural extension for vendors such as Delinea, SailPoint Technologies, Saviynt, BeyondTrust, ConductorOne, Teleport, Andromeda Security and Xage Security to expand their portfolios to manage and secure AI agent identities alongside existing platforms for securing and governing human and nonhuman identities.
• AI agent identity management and security players. These are pure-play technology providers focused on the specific problem of AI agent identity security. They include Astrix Security, Barndoor AI, GitGuardian, Natoma Labs, Oasis Security, Token Security, and AppViewX and Eos Cyber.

Identity and security teams have a job to do and need to be ruthless about achieving their goals. Teams typically want to extract more value from the existing technology stack. However, if an incumbent platform doesn't solve the problem or meet their needs, teams are more than willing to consider a best-of-breed tool that will. Time will tell which approach predominates as the market distinguishes between strong AI agent identity tools that can work today and roadmaps that might require some patience.

Changing enterprise budget dynamics for AI agents

AI agents are a recent phenomenon, and the management and security of these initiatives frequently vary from other IT and security processes. While a CEO might tap a subordinate to lead the AI initiative -- and hand them a budget to do so -- conversations at RSAC underscored that the budget dynamics for AI agent security can differ. CISOs and CIOs continue to have budgets, but there is often a standalone AI budget that could be owned by a CDO, CTO or other C-level executive tasked with driving AI initiatives.

If you are a security or identity team leader, you need to help the enterprise AI leader grasp the business value of security and identity management needed for production AI agent deployment. Identity security teams, in particular, recognize that AI agents still have compliance obligations, require security best practices, and need common identity governance and management processes to deliver efficiency and scalability across the enterprise. The vendor community needs to arm its constituents with the information to make the case for security investments.

It is an amazing time to work in security; the dynamism of it can make your head spin. If you are a new technology player solving an interesting new identity or data security problem, or you have an innovative approach to an existing challenge, I would like to hear about it. You can reach me on LinkedIn.

Todd Thiemann is a principal analyst covering identity access management and data security for Omdia. He has more than 20 years of experience in cybersecurity marketing and strategy.

Omdia is a division of Informa TechTarget. Its analysts have business relationships with technology vendors.