Agentic risks take center stage at RSAC

Like Glinda the Good with the people of the Land of Oz, agentic security was more popular than ever at RSAC 2026.

During the annual conference, which took place at the Moscone Center in San Francisco, current and emerging AI and agentic security risks dominated the conversation as security professionals did their best to wrap their heads around cybercriminals using the technology for their latest schemes.

Not-so-subtle foreshadowing. An underlying theme of the conference this year: the worst is yet to come.

Security professionals spent a great deal of time forecasting threats. During a March 24 Illumio panel at San Francisco’s Hyatt Regency, for example, Microsoft GM of Global Threat Intelligence Sherrod DeGrippo predicted a new type of threat actor that could soon pose a risk to organizations.

“We will see the advent very soon of the ‘unicorn threat actor,’ which is an apex-level threat actor that has incredible capability, incredible reach, incredible automation, and persistence,” DeGrippo said, adding that these will be socially motivated entities who engage in acts of hacktivism.

Novel threat actors aren’t organizations’ only worry. Dave Meister, VP of MSP at Check Point Software, told IT Brew in an interview during the conference that he worries about the sheer amount of data living in AI assistants like ChatGPT and Microsoft Copilot, and what could happen if these platforms are compromised.

“When we see the first breach of one of these agents, it’s going to shake the industry massively,” he said, adding that bad actors would be able to create unvetted agents to carry out malicious tasks within an organization.

“There’s opportunity for data exfiltration,” Meister said. “There’s opportunities for people to outsource that work to elsewhere. There’s opportunity for agents to go rogue and just cause havoc.”

Here and now. Industry professionals also focused on the biggest challenges in the current cybersecurity terrain, including shadow AI, deepfake attacks, and rogue agents. While “agents” was the word of the week at RSAC, “data” was a close second. The success of companies in rolling out an agent or AI initiative will be highly dependent on the “quality and clarity of data” within a company, according to Meister.

“If [agents] have access to things they shouldn’t have access to, then that’s a big risk,” Meister said. “If the data is not built in a way that they can read it properly, that’s also a risk.”

Security professionals discussed the latest pain points in their jobs during a March 25 Cisco and Splunk CISO panel. Headspace CISO Jameeka Green Aaron told the audience that the industry focuses on the importance of having good guardrails for AI, but not on how the technology is capable of bypassing those same guardrails—thus changing the game for CISOs.

“In every implementation of AI that I’ve built, the guardrails have failed,” Aaron said during the panel. “And it’s not that they failed. I think they were put in place effectively. But AI is meant to learn. It is not deterministic.”

What’s an IT pro to do? Alongside the risks, security professionals shared how they are keeping their users and data protected in the agentic era. Vodafone Global CISO Emma Smith told the audience in a March 23 panel that her company is making AI “accessible” to all employees and ensuring tools meet the needs of security teams to help tackle shadow AI.

“Having a strategy that picks the right LLMs and keeps pace with LLM development makes it really easy to use those approved tools, and far harder to use anything else,” she said.

Meister added that companies should be skeptical about the security of new, shiny AI tools on the market before investing in them.

“We have to be mindful of, did it come from a reputable source?” Meister said. “Did it come from an organization that we trust, and what type of verifications have gone into play before this has been put out and put into production?”