How can enterprises scale cyber defenses for the coming agentic workforce? What are the top cyber trends and challenges flowing from our new normal? Let’s explore through an RSAC lens.
March 29, 2026 •
Dan Lohrmann
Another RSA Conference in San Francisco ended on Thursday, March 26, 2026, and the top themes on the show floor and in keynote and breakout presentations included: securing agentic AI, identity security, physical AI and the (seemingly never-ending) rise in cyber threats globally, which is increasing exponentially with AI agents.
The physical security at the Moscone Center in San Francisco was high this past week, with RSAC 2026 attendees and bags being checked in similar ways to airport security checkpoints. Even the lines reminded me of long airport security waits.
I also really like this human-focused article from PC Magazine (based on an RSAC session) on the surprising reason why phishing still works in 2026. As we have discussed numerous times in this blog over the years, humans remain your biggest strength and also biggest weakness in cybersecurity. The key to stopping scammers is slowing down. Here’s an excerpt from that article:
“Perhaps most importantly, he referenced the work of Nobel Prize winner Daniel Kahneman. Kahneman identified two systems the brain uses to make decisions. ‘System 1 is fast, automatic, emotional, and intuitive,’ noted Rose, ‘while System 2 is slow, effortful, logical and deliberate. We live in System 1 all day, every day.‘ Rose explained that System 2 thinking literally uses more of your body’s energy, and that having evolved through periods of scarcity, we’re inclined to avoid expending that energy.”
TOP RSAC 2026 SESSIONS
Many of the top main stage sessions from RSAC 2026 are available for free at their YouTube channel, and I urge you to take the time to watch a few of these fascinating presentations of interest. There are many great sessions on securing AI through various means.
Some of the top RSAC keynotes included:
Reimagining Security for the Agentic Workforce by Jeetu Patel, president and chief product officer, Cisco
Key quotes:
- “We should NOT think of these agents as tools. They are more like digital co-workers.”
- “With chatbots, you worry about getting the wrong answer. With agents, you worry about taking the wrong action.”
- “Beware of the ‘oops phase.’” (Watch the video to see what that means.)
Activate Industry!: Moving Beyond Defense to Disruption and Active Defense by
Key quotes:
- “We found that the time between initial access [from threat actors] to the hand-off has collapsed from eight hours in 2022 to 22 seconds in 2025.”
- “Threats in the AI era include speed, scale and sophistication.”
- “We must move to active defense, but not hacking back.”
AI vs. AI: How to Reshape Defense Faster Than Attackers Reshape Offense by Nadir Izrael, CTO and co-founder, Armis
CNBC live from RSAC show floor – Databricks CEO: AI will kill the security, information and event management systems –
Key quote: “AI will kill the SIEM in 2026.”
WHAT CAUGHT MY EYE AT RSAC 2026
As I walked the RSAC show floor, the pictures below show some of the excitement, surprising numbers and activity that is still alive at one of the world’s largest annual cyber events.
Dan Lohrmann
Dan Lohrmann
FINAL THOUGHT
I also had the chance to describe what I was seeing to several media outlets, and here is one of those interviews I did with Expert Insights covering my views on trends for governments in cybersecurity.
Meanwhile, outside the Moscone Center, I was also shocked by the gas prices in California, which are a solid $3-plus higher per gallon than in Michigan — and a reminder of the impact of current global events.
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.
*** This is a Security Bloggers Network syndicated blog from Lohrmann on Cybersecurity authored by Lohrmann on Cybersecurity. Read the original post at: https://www.govtech.com/blogs/lohrmann-on-cybersecurity/rsac-2026-highlights-from-agentic-ai-to-active-defense