In March 2026, San Francisco once again became the epicenter of the cybersecurity world. Thousands of practitioners, vendors, and investors gathered at Moscone Center for the RSA Conference, where one theme dominated every keynote, panel, and booth conversation: Agentic AI. Not just AI as a tool, but AI as an actor—an entity capable of initiating actions, making decisions, and executing complex operations without direct human oversight.

From autonomous code generation to decision-making systems that initiate actions without human intervention, the industry is entering a new phase. Developments like Mythos, a next-generation AI framework capable of orchestrating complex, multi-step cyber operations, highlight both the promise and the risk of this shift. Mythos represents a paradigm shift where AI moves from being a passive assistant to an active participant in cybersecurity operations. This shift demands that defenders fundamentally rethink their strategies.

The Cloud Security Association (CSA) predicts a surge in simultaneous AI-powered attacks and urges defenders to fight AI with AI. OpenAI has responded by scaling its Trusted Access for Cyber program to support thousands of verified defenders and hundreds of security teams. Gartner reinforces this trend, forecasting AI spending to grow by 44 percent in 2026 and reach $47 trillion by 2029. This far exceeds its projected $238 billion for information security and risk management solutions in 2026. The sheer magnitude of investment underscores that AI is not a passing trend but a foundational shift.

The Dual-Use Reality of Agentic AI

Technologies like Mythos reveal a fundamental truth: the same capabilities that benefit defenders also empower attackers. Adversaries are already using AI to enable autonomous reconnaissance and lateral movement, real-time adaptation to defenses, and scalable, low-cost attacks with minimal human involvement. This is not theoretical. Early rogue AI agents are probing environments, exploiting misconfigurations, and mimicking legitimate users. Attackers no longer need to control every step—they can deploy agents that behave like identities, blending in with normal network traffic to evade detection.

Historically, every major cybersecurity evolution—from firewalls to endpoint detection to cloud security—has been met with a wave of point solutions. The predictable result is tool sprawl, siloed visibility, and operational complexity. These gaps often benefit attackers by providing more avenues for exploitation. Agentic AI risks are now following the same path. Early signs include the emergence of AI security posture management tools, AI runtime protection platforms, AI-specific anomaly detection engines, and AI governance solutions. While each of these may provide value, adding more tools increases friction and creates blind spots between systems.

The Risk of 'One More Tool'

Organizations do not need more dashboards. They need better context and control over the entities operating in their environments—whether human or machine. At the parallel AGC Cybersecurity Investor Conference, AI experts and industry leaders reached a more pragmatic conclusion: treat AI like an identity. This perspective cuts through the hype. Rather than viewing AI as a new tool category that requires entirely separate security stacks, it places AI within the established and critical domain of identity security.

Because fundamentally, agentic AI behaves like an identity: it authenticates (via APIs, tokens, or credentials), it accesses systems and data, it performs actions within an environment, and it can be compromised, misused, or go rogue. Once you accept this, the path forward becomes clearer—and far less fragmented. The identity security domain has matured over decades, incorporating concepts like zero trust, least privilege, and continuous verification. These principles are directly applicable to AI agents.

The zero-trust model, which assumes no entity is inherently trustworthy, becomes especially relevant when applied to AI. Just as human users must be verified before accessing critical systems, AI agents must also undergo continuous authentication and authorization. This is not a radical departure but a natural extension of existing frameworks.

Identity Threat Detection as the Foundation

If AI is treated as an identity, identity threat detection and risk mitigation solutions become the logical control plane. This approach focuses on analyzing behavior across credentials and systems. It combines adaptive verification, behavioral analytics, device intelligence, and risk scoring in a unified platform. Applied to AI, this enables behavioral visibility to detect anomalies such as unusual access, privilege escalation, or data exfiltration; risk-based controls to adjust access, enforce additional verification, or isolate suspicious agents; unified policy enforcement across human and machine identities; and lifecycle management to prevent orphaned or unmanaged agents.

As rogue AI agents emerge—whether compromised or malicious—identity-driven security provides a practical defense. It enforces least privilege, continuously validates access, detects abnormal behavior, and automates response actions. These capabilities already exist in modern identity security frameworks and can be extended to AI without introducing new silos. For example, if an AI agent begins accessing databases it has never touched before, an identity threat detection system can flag that behavior and either block it or require step-up authentication.

Moreover, many organizations already have identity and access management (IAM) systems in place. Extending these systems to cover AI agents is often a matter of configuration and policy updates rather than deploying entirely new infrastructure. This reduces costs and accelerates time to protection.

Consider the career journey of a typical cybersecurity leader who has witnessed the evolution from perimeter-based defense to endpoint detection to cloud security. Each transition brought new tools and new complexities. The shift to agentic AI, however, offers an opportunity to break that cycle by adopting an identity-centric approach from the start. By anchoring AI security within identity threat detection and risk mitigation frameworks, organizations can protect against rogue agents—without adding yet another fragmented tool to an already complex defense arsenal.

The conversations in San Francisco this March made one thing clear: the future of cybersecurity will be shaped by entities that can act independently. Some will be human. Many will not. As technologies like Mythos continue to push the boundaries of what AI can do, the industry must evolve its defensive mindset accordingly. The most effective strategy may also be the simplest: if it can act, it should be treated like an identity. This principle provides a clear, actionable path forward for CISOs and security teams navigating the age of autonomous agents.

Source: SecurityWeek News