Why Cybersecurity Must Rethink Defense in the Age of Autonomous Agents

In March 2026, San Francisco once again became the epicenter of the cybersecurity world. Thousands of practitioners, vendors, and investors gathered at Moscone Center for the RSA Conference, where one theme dominated every keynote, panel, and booth conversation: Agentic AI. Not just AI as a tool, but AI as an actor. From autonomous code generation to decision-making systems that initiate actions without human intervention, the industry is entering a new phase. Developments like Mythos, a next-generation AI framework capable of orchestrating complex, multi-step cyber operations, highlight both the promise and the risk of this shift. The Cloud Security Alliance predicts a surge in simultaneous AI-powered attacks and urges defenders to fight AI with AI. OpenAI has responded by scaling its Trusted Access for Cyber program to support thousands of verified defenders and hundreds of security teams. Gartner reinforces this trend, forecasting AI spending to grow by 44 percent in 2026 and reach $47 trillion by 2029. This far exceeds its projected $238 billion for information security and risk management solutions in 2026. The Dual-Use Reality of Agentic AI Technologies like Mythos reveal a fundamental truth. The same capabilities that benefit defenders also empower attackers. Adversaries are already using AI to enable: Autonomous reconnaissance and lateral movement Real-time adaptation to defenses Scalable, low-cost attacks with minimal human involvement This is not theoretical. Early rogue AI agents are probing environments, exploiting misconfigurations, and mimicking legitimate users. Attackers no longer need to control every step. They can deploy agents that behave like identities. The Risk of “One More Tool” Every major shift in cybersecurity has led to a wave of point solutions. The result is predictable: tool sprawl, siloed visibility, and operational complexity. These gaps often benefit attackers. Agentic AI risks are following the same path. Early signs are already visible: AI security posture management tools AI runtime protection platforms AI-specific anomaly detection engines AI governance solutions Each may provide value, but adding more tools increases friction. Organizations do not need more dashboards. They need better context and control over the entities operating in their environments, whether human or machine. At the parallel AGC Cybersecurity Investor Conference, AI experts and industry leaders reached a more pragmatic conclusion: organizations should treat AI like an identity. This perspective cuts through the hype. Rather than viewing AI as a new tool category that requires entirely separate security stacks, it places AI within the established and critical domain of identity security. Because fundamentally, agentic AI behaves like an identity: It authenticates (via APIs, tokens, or credentials) It accesses systems and data It performs actions within an environment It can be compromised, misused, or go rogue Once you accept this, the path forward becomes clearer—and far less fragmented. Identity Threat Detection as the Foundation If AI is treated as an identity, identity threat detection and risk mitigation solutions become the logical control plane. This approach focuses on analyzing behavior across credentials and systems. It combines adaptive verification, behavioral analytics, device intelligence, and risk scoring in a unified platform. Applied to AI, this enables: Behavioral visibility to detect anomalies such as unusual access, privilege escalation, or data exfiltration Risk-based controls to adjust access, enforce additional verification, or isolate suspicious agents Unified policy enforcement across human and machine identities Lifecycle management to prevent orphaned or unmanaged agents As rogue AI agents emerge, whether compromised or malicious, identity-driven security provides a practical defense. It enforces least privilege, continuously validates access, detects abnormal behavior, and automates response actions. These capabilities already exist in modern identity security frameworks and can be extended to AI without introducing new silos. Conclusion The conversations in San Francisco this March made one thing clear: the future of cybersecurity will be shaped by entities that can act independently. Some will be human. Many will not. As technologies like Mythos continue to push the boundaries of what AI can do, the industry must evolve its defensive mindset accordingly. The most effective strategy may also be the simplest: If it can act, it should be treated like an identity. By anchoring AI security within identity threat detection and risk mitigation frameworks, organizations can protect against rogue agents—without adding yet another fragmented tool to an already complex defense arsenal. Learn More at the AI Risk Summit | Ritz-Carlton, Half Moon Bay Related: AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers Related: ‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI Threats WRITTEN BY Torsten George Dr. Torsten George is an internationally recognized IT security expert, author, and speaker with more than 30 years of experience in the global IT security community. He regularly provides commentary and publishes articles on data breaches, insider threats, compliance frameworks, and IT security best practices. He is also the co-author of the Zero Trust Privilege for Dummies book. Torsten is currently serving as Chief Marketing Officer at ID Dataweb. Prior he held executive level positions with ConnectWise, Absolute Software, Centrify, RiskSense, RiskVision, ActivIdentity, Digital Link, and Everdream Corporation. More from Torsten George SIM Swaps Expose a Critical Flaw in Identity Security Why Identity Security Must Move Beyond MFA Five Cybersecurity Predictions for 2026: Identity, AI, and the Collapse of Perimeter Thinking AI Is Supercharging Phishing: Here’s How to Fight Back Cybersecurity Awareness Month 2025: Prioritizing Identity to Safeguard Critical Infrastructure Help Desk at Risk: Scattered Spider Shines Light on Overlook Threat Vector Identity Is the New Perimeter: Why Proofing and Verification Are Business Imperatives Security Theater or Real Defense? The KPIs That Tell the Truth Latest News Pre-Stuxnet Sabotage Malware ‘Fast16’ Linked to US-Iran Cyber Tensions In Other News: Unauthorized Mythos Access, Plankey CISA Nomination Ends, New Display Security Device Locked Shields 2026: 41 Nations Strengthen Cyber Resilience in World’s Biggest Exercise US Federal Agency’s Cisco Firewall Infected With ‘Firestarter’ Backdoor Trump Administration Vows Crackdown on Chinese Companies ‘Exploiting’ AI Models Made in US Vulnerabilities Patched in CrowdStrike, Tenable Products Bitwarden NPM Package Hit in Supply Chain Attack Copperhelm Raises $7 Million for Agentic Cloud Security Platform Trending Webinar: A Step-By-Step Approach To AI Governance April 28, 2026 With "Shadow AI" usage becoming prevalent in organizations, learn how to balance the need for rapid experimentation with the rigorous controls required for enterprise-grade deployment. Register Virtual Event: Threat Detection And Incident Response Summit May 20, 2026 Delve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization. Register People on the Move Neill Feather has been named Chief Executive Officer at Point Wild. Oasis Security has appointed Michael DeCesare as President. Sterling Wilson has joined IGEL as Global Field CTO, Business Continuity and Disaster Recovery. More People On The Move Expert Insights Government Can’t Win The Cyber War Without The Private Sector Securing national resilience now depends on faster, deeper partnerships with the private sector. (Steve Durbin) The Hidden ROI Of Visibility: Better Decisions, Better Behavior, Better Security Beyond monitoring and compliance, visibility acts as a powerful deterrent, shaping user behavior, improving collaboration, and enabling more accurate, data-driven security decisions. (Joshua Goldfarb) The New Rules Of Engagement: Matching Agentic Attack Speed The cybersecurity response to AI-enabled nation-state threats cannot be incremental. It must be architectural. (Nadir Izrael) The Next Cybersecurity Crisis Isn’t Breaches—It’s Data You Can’t Trust Data integrity shouldn’t be seen only through the prism of a technical concern but also as a leadership issue. (Steve Durbin) Why Agentic AI Systems Need Better Governance – Lessons From OpenClaw Agentic AI platforms are shifting from passive recommendation tools to autonomous action-takers with real system access, (Etay Maor) Flipboard Reddit Whatsapp Email