In March 2026, San Francisco once again became the epicenter of the cybersecurity world as thousands gathered at Moscone Center for the RSA Conference. The dominant theme across keynotes, panels, and booth conversations was Agentic AI—not just AI as a tool, but AI as an independent actor capable of autonomous decision-making and action.

Technologies like Mythos, a next-generation AI framework for orchestrating complex multi-step cyber operations, highlight both the promise and the risk of this shift. The Cloud Security Association predicts a surge in simultaneous AI-powered attacks and urges defenders to fight AI with AI. OpenAI has expanded its Trusted Access for Cyber program to support thousands of verified defenders. Meanwhile, Gartner forecasts AI spending to grow by 44% in 2026 and reach $47 trillion by 2029, far exceeding its projected $238 billion for information security and risk management solutions.

The Dual-Use Reality of Agentic AI

Mythos and similar technologies reveal a fundamental truth: the same capabilities that benefit defenders also empower attackers. Adversaries are already using AI for autonomous reconnaissance, lateral movement, real-time adaptation to defenses, and scalable low-cost attacks with minimal human involvement. Early rogue AI agents are probing environments, exploiting misconfigurations, and mimicking legitimate users. Attackers no longer need to control every step—they can deploy agents that behave like identities.

The Risk of “One More Tool”

Every major shift in cybersecurity has spawned a wave of point solutions, leading to tool sprawl, siloed visibility, and operational complexity. The same pattern is emerging with agentic AI: AI security posture management, runtime protection platforms, anomaly detection engines, and governance solutions. Each may add value, but more tools increase friction. Organizations need better context and control over all entities—human or machine—not more dashboards.

At the parallel AGC Cybersecurity Investor Conference, a pragmatic consensus emerged: treat AI like an identity. This perspective cuts through the hype. Rather than requiring entirely separate security stacks, AI should be placed within the established domain of identity security. Agentic AI behaves like an identity—it authenticates via APIs, tokens, or credentials; accesses systems and data; performs actions; and can be compromised, misused, or go rogue.

Identity Threat Detection as the Foundation

If AI is treated as an identity, identity threat detection and risk mitigation solutions become the logical control plane. This approach combines adaptive verification, behavioral analytics, device intelligence, and risk scoring in a unified platform. Applied to AI, it enables behavioral visibility to detect anomalies such as unusual access or data exfiltration, risk-based controls to adjust access or isolate suspicious agents, unified policy enforcement across human and machine identities, and lifecycle management to prevent orphaned or unmanaged agents.

As rogue AI agents emerge—whether compromised or malicious—identity-driven security provides a practical defense. It enforces least privilege, continuously validates access, detects abnormal behavior, and automates response actions. These capabilities already exist in modern identity security frameworks and can be extended to AI without introducing new silos.

Conclusion

The conversations in San Francisco this March made one thing clear: the future of cybersecurity will be shaped by entities that can act independently. Some will be human; many will not. As technologies like Mythos push the boundaries of AI capabilities, the industry must evolve its defensive mindset. The most effective strategy may also be the simplest: if it can act, it should be treated like an identity.

By anchoring AI security within identity threat detection and risk mitigation frameworks, organizations can protect against rogue agents—without adding yet another fragmented tool to an already complex defense arsenal.

Source: SecurityWeek News