The 2026 RSA Conference 2026 (RSAC), San Francisco has underscored a decisive shift in cybersecurity, with artificial intelligence now central to both defence and threat landscapes. A dominant theme is the rise of “agentic AI,” with industry commentary noting that “we are moving from copilots to fully autonomous agents” (Investors Business Daily).
This shift is reinforced by a wave of pre-event announcements, where vendors are embedding AI directly into security platforms. A key focus is securing AI agents themselves, with Microsoft positioning identity as foundational. As outlined in its RSAC announcements, “every new identity represents another potential entry point for attackers” highlighting the rapid expansion of the identity attack surface in the AI era.
To address this, Microsoft introduced new Entra capabilities to secure both human and non-human identities. Central to this is Microsoft Entra Agent ID, designed to “protect agent identities with the same rigor as users, apps and devices”. This reflects a major shift: AI agents are now treated as first-class identities within enterprise security models.
Vendors are also focusing on controlling AI usage across environments. New Entra capabilities aim to “secure employee access in the AI era, from shadow AI discovery to strong phishing-resistant authentication”, addressing risks from unmanaged AI tools and prompt-based attacks. Supporting this, Microsoft is introducing network-level detection to identify previously unknown AI applications and surface “shadow AI” usage across environments .
Identity resilience is another major theme. Microsoft announced capabilities such as Tenant Governance and Backup and Recovery to “protect your multi-tenant environments” and restore critical identity objects. These features aim to address one of the biggest operational risks: loss or compromise of identity control planes.
At the same time, AI is being embedded directly into identity security operations. New Conditional Access capabilities provide “context-aware recommendations and automated least-privilege enforcement”, enabling organisations to dynamically adjust access policies based on risk signals and behaviour.
These developments align with broader RSAC themes. As highlighted during briefings, “AI is now both the attacker’s weapon and the defender’s shield” (Investors Business Daily), reinforcing the dual-use nature of the technology. Identity has consequently emerged as the central control plane, with security leaders emphasising that managing access across users, workloads, and AI agents is now critical.
At the same time, organisations are moving toward platform consolidation. Industry forecasts point to unified, AI-driven security architectures, reducing tool sprawl while improving detection and response. However, risks remain—particularly from unmanaged AI systems. As one expert warned, “unmanaged AI agents are creating a new class of shadow risk” (Mitiga analysis).
Market response has been positive, with AI-led innovation increasingly seen as the primary growth driver for cybersecurity providers. The overall direction is clear: security is shifting toward identity-centric, AI-driven, and increasingly autonomous defence models. RSAC news will have a global impact on share prices, as companies provide product updates.
Source: