Introduction: Community as the cornerstone of cybersecurity

RSA Conference 2026, hosted at the Moscone Center in San Francisco, convened leaders from cybersecurity and business under the theme "The Power of Community." The feedback from our WWT team was that, in a world increasingly defined by interconnected threats, rapid technological change and adversaries operating across borders and platforms, the conference underscored that no organization can tackle cybersecurity challenges alone. The need for collective resilience — shared standards, governance and intelligence — emerged as a foundational principle, shaped many of our discussions and was highlighted extensively, from keynote addresses to breakout sessions.

AI's evolving role in security

The deployment of AI in operational technology (OT) and critical infrastructure is accelerating, with companies testing AI in hybrid settings alongside human analysts. While full automation remains on the horizon, current AI and machine learning tools are already transforming threat detection, network learning and anomaly identification. AI-powered log intelligence drastically reduces investigation times, and modern OT security solutions deploy edge appliances that integrate non-intrusively with legacy systems. The consensus is clear: AI is reshaping defensive strategies, but it must be implemented with careful attention to operational safety and continuity.

Regulatory and policy shifts

Regulation is rapidly evolving, with frameworks like the National Policy Framework for AI and the EU AI Act (effective in 2026) redefining board-level oversight. The conversation is shifting from technical risk to legal and fiduciary liability, requiring boards to establish robust governance for autonomous systems. Algorithmic fiduciary duty, materiality of AI failures and personal exposure for directors and officers are now central concerns. Automated evidence collection has become essential, providing continuous verification of AI safety and compliance for regulators and insurers.

Identity challenges in the age of agentic AI

Sessions focused on agent identity illuminated a critical gap in current frameworks. Unlike persistent service accounts, ephemeral agents are dynamically created and removed, often spawning child agents with delegated authority. Security teams require reliable ways to trace the chain of delegation and maintain accountability. Approaches such as OAuth are already ubiquitous. Solutions like scoped authorization tokens, managed identity and attestation-based models are being explored, but tooling is still maturing. Preserving origin identity and reconstructing action paths are vital for effective incident response and auditability.

Platform thinking for OT and critical infrastructure security

A central theme from customer and partner engagements at RSA was the shift from isolated solutions to integrated security platforms for OT and critical infrastructure. Organizations increasingly demand security frameworks that go beyond dashboards or point solutions, seeking platforms capable of seamless integration with existing toolsets, processes and governance models. OEMs are responding to this shift, focusing on interoperable solutions that collectively address asset visibility, vulnerability management, segmentation and secure remote access. The conference highlighted that a platform approach, rather than an IT-centric lens, is better suited to the safety and operational requirements unique to OT environments.

Data access, loss prevention and security in the transaction path

Data access and control emerged as a major concern, with speakers emphasizing that security must move closer to the point of action. Inline data loss prevention, application firewalls, AI data loss proxies and content inspection are becoming standard, ensuring protections are active during live transactions — not just in post-event audits. The principle of using production data only when necessary, and synthetic data for testing, is gaining traction as insurers push for policy-based, volumetric governance frameworks.

MCP server risks: Integration and exposure

The Model Context Protocol (MCP) was highlighted as both a powerful integration enabler and a source of new risk. MCP allows agents to connect with external tools and data sources but creates fresh trust boundaries and supply chain vulnerabilities. Concerns included MCP servers functioning as malware if not properly vetted, and speakers stressed the necessity of mutual authentication and strict communication policies. Just-in-time policy enforcement and sourcing MCP from trusted providers are practical mitigations. Careless deployment could result in unprecedented network exposure, underscoring the need for rigorous governance.

Collective resilience: The organizing principle

Throughout RSAC, the concept of collective resilience was omnipresent. The interconnected nature of threats and dependencies — especially as AI agents operate across organizational boundaries — demands trust frameworks and shared accountability. Real-time detection, proactive security and intelligence sharing are critical. As bad actors leverage AI for scale and ambiguity, the security community recognizes the need to embed controls from the start and foster a culture of collaboration.

Conclusion: A call to action for cybersecurity professionals

RSA Conference 2026 marked an inflection point in cybersecurity history. The urgency of the conversations, heightened physical security and global context reinforced that the challenges ahead are real and immediate. Yet optimism persists: The right questions are being asked, and the industry is poised to shape the foundations of the AI era before risks become crises. Cybersecurity professionals and executives must embrace platform thinking, strengthen governance, advance identity frameworks and prioritize collective resilience. The power of community is not just a theme — it is an operational imperative. Now is the time to build together, share intelligence and establish standards that will safeguard the future of digital operations.