This blog will highlight the seven cybersecurity trends: Model Context Protocol (MCP), Agentic AI, vibe coding, identity, governance, addressing burnout in the community, and the power of partnerships, and give readers a sneak peek at sessions you’ll find on the RSAC 2026 Conference agenda.

Key Takeaways

• AI is reshaping every aspect of cybersecurity. From Model Context Protocol (MCP) implementations to agentic AI deployments across SOCs, AI is creating both opportunities and security challenges.
• Identity and governance have evolved from tactical concerns to strategic imperatives. Approaches to identity access management, authentication, and access control are now foundational elements of securing distributed environments, and governance is an undeniable imperative.
• The security community is embracing collaboration. Security leaders are increasingly open to talking about burnout, which creates opportunities for relationship building that better support teams as they confront today's complex threats.

Is Model Context Protocol (MCP)the New Security Frontier?

Model Context Protocol (MCP) has exploded with dozens of submissions proposing topics that ranged from tool poisoning (Trust Me, I’m a Tool: Attacking and Defending the MCP) and the challenges inherent in deploying and securing MCP. How AI systems interact with data and applications is quickly evolving, and submissions exploring MCP touched on the promises and perils of AI agents becoming more context aware. It is important for RSAC 2026 attendees to think about Securing MCP: Mitigating New Threats in Agentic AI Deployments and the best practices that will help to protect these context boundaries while leveraging MCP's threat detection capabilities.

Agents Are Everywhere, All at Once

The proliferation of agentic AI throughout every corner of cybersecurity—from the operations center to vulnerability management—is reshaping security and trust, particularly in high-risk, regulated environments. Autonomous AI agents are being deployed, and the submissions that came through reflected the optimism and caution that are critical to risk management in the age of agentic AI. To that end, submissions that were selected to the agenda proposed Practical Strategies for Securing Agentic AI Applications and Preparing for Next Generation Agentic AI Cybercrime. It is obvious that real-world implementations demonstrate AI's transformative potential, but what remains undeniable is the need for Guardrails for Security Agentic AI in the Enterprise.

Security in the Age of AI-Assisted Vibe Coding

The rise of AI-powered development tools has changed how code is written, elevating concerns about Insecure Vibes: Avoiding the Risks of AI-Assisted Coding. This year’s submissions made clear that many are looking at how vulnerabilities are introduced in this new reality where developers collaborate with AI assistants, often without an understanding of the security implications. So how can developersbetter uncover critical vulnerabilities across these tools? The questionemphasizes the imperative need for new approaches to securing the software supply chain. The session, No Security, Just Vibes: Fixing Vibe Coded Apps Without Security Knowledge addressed an emerging trend: Even though new tools empower folks with no developer experience to try their hand at coding, collaboration is key to fixing vulnerabilities before the app launches.

Identity Is the Cornerstone of Zero Trust

Identity continues to move toward center stage for today’s digital enterprises, and this year's submissions reveal a maturation of the identity conversation, securing it as an essential part of the security strategy. Whether it’s conversations around EU Digital Identity: Secure, Privacy-Enhancing Public Infrastructure or Trusted Identity Propagation for Autonomous Agents Across Cloud & SaaS, the industry has moved beyond authentication to now seeing identity as the fundamental security boundary in distributed, cloud-native, and AI-enabled environments. Attendees can look forward to rich discussions that span the growing challenges of managing both human and machine identities in complex systems.

Governance Is an Undeniable Strategic Imperative

Governance is no longer in the shadow of compliance but has emerged as a strategic differentiator, especially when it comes to AI governance. While organizations are grappling with AI deployment at scale, security practitioners have realized the need to adopt security-first governance structures. Security conversations are evolving to encompass AI, Identity, and Ethical Governance: Building Trust in High Stakes Systems. In the age of increasingly complex technology stacks, organizations need to understand how to address security risks. Governance is Mission Critical: Securing AI in the Era of Geopolitical Competition, and security leaders need Faster Decisions, Less Frustration: A Simplified Decision Framework.

A Community Ready to Heal

Perhaps the most heartening trend in the RSAC 2026 Call for Submissions was the number of sessions addressing burnout—a clear demonstration of the community’s courage and desire to bring this issue into the light. One session will share The Brutal Truth: 12 Critical Mistakes That Nearly Derailed My CISO Career, which confronts the challenges of shouldering impossible risk loads. Another offers 3 Ways CISOs Can Cut Team Burnout 25%+ in 90 Days—Without Yoga Classes. The willingness to be vulnerable and share experiences and strategies for building sustainable careers is a testament to a culture shift and a recognition that teams can’t secure their organizations if they don't also take care of the people doing the work.

Partnership Prevails Among a Collaborative Community

The final and most significant trend is best exemplified in the session that will advocate for bringing everyone together: Foes, Felons, and Friends: Advocating for a Dangerously Talented Community. Overwhelmingly, this year’s submissions celebrated one of RSAC’s most treasured values: Community. But the topics put forth did more than realize that we are stronger together. They celebrated the power of partnerships. From Silence to Signal: Breaking Info Sharing Barriers in the Age of AI epitomizes the imperative need for cross-sector collaboration.

As AI reshapes the threat landscape, security professionals increasingly recognize the need to breakdown silos, build new approaches to risk management, and strengthen cross-functional partnerships. So many sessions across the RSAC 2026 agenda honor the power of partnerships, affirming the collective responsibility of the global security community to raise all boats together. The trend embodies this year’s theme of "Power of Community." Our strength lies not in individual expertise but in our ability to connect, collaborate, and learn from one another.

These seven trends offer a glimpse of the conversations that will be happening throughout the week at RSAC 2026 Conference in San Francisco March 23-26, 2026. Register now and be part of the conversations that matter most.