It’s the end of set-and-forget security

Analysis
Apr 22, 2026 · 9 mins

AI agents and physical AI are no longer abstract risks. They’re changing how routers, switches, OT gear, and cloud paths must be monitored, segmented, and defended in real time.


If you spend your days keeping packets flowing and links secure, you may have noticed that the RSAC 2026 conference felt very different. RSA has historically been a CISO-centric event, but this year it was clear that networking and security engineering teams are now on the front lines of every AI-driven risk conversation.

Over the past several years, the classic perimeter has dissolved into a mesh of users, apps, AI agents, and connected devices spanning data centers, clouds, branches, and OT sites. Nvidia GTC took place the week before RSA, highlighting claws, physical AI, and edge inferencing. And those trends have landed squarely on the networking team’s plate—every new AI-enabled service adds another path an attacker can traverse.

Now that I’ve had time to digest the news and themes from RSAC, here are my five takeaways, framed with concrete priorities for network and security engineers.

The great convergence: Data resiliency is security

For years, the backup team and the SOC operated on different planets. In 2026, those planets collided. With agentic AI now capable of making autonomous decisions—sometimes bad ones—the ability to recover isn’t just an IT task; it’s a security mandate.

This made Veeam, with its acquisition of Securiti AI, one of the most interesting vendors at RSA. Historically, the company has been security-adjacent, helping companies recover from ransomware. Post-acquisition, Veeam is squarely in the security space while maintaining its market-leading position in data resiliency.

At the show, I met with CEO Anand Eswaran and Rehan Jalil, president of products and technology at Veeam and former CEO of Securiti. The two emphasized the concept of “precision” in security and data resiliency. Their message? It’s not enough to have a backup; you need to be able to undo an AI-driven mistake or a sophisticated ransomware attack with surgical precision. We are seeing a shift as data protection and security operations (SecOps) finally merge into a single “resiliency” workflow.

For IT pros, this translates into:

  • Designing topologies and routing policies that support near real‑time, partial restores of critical services without hard cutovers.
  • Ensuring backup traffic, recovery workflows, and security tooling share telemetry so SecOps can correlate “what changed on the wire” with “what was restored.”
  • Treating recovery points and paths as part of the security posture, not just DR plumbing.

If your network cannot support fast, targeted rollback of bad changes—especially those initiated by AI agents—you are not actually secure, no matter how many controls you deploy.

The rise of physical AI and the exposed underbelly

One of the biggest reality checks at RSA was how far we’ve moved into the era of physical AI: robots, sensors, building systems, medical devices, smart grids, and smart cities all riding on the same IP fabric you maintain. This is beyond traditional IoT—these are systems where a compromised packet can translate into a real‑world physical outcome.

Forescout released its 2026 Riskiest Connected Devices report, and there is a key message for network engineers: routers and switches have officially overtaken endpoints as the primary attack vector. These devices are now the connective tissue of physical AI, and attackers increasingly target the infrastructure that sees and steers all traffic, not just the endpoints that generate it.

At its booth, Forescout highlighted its VistaraAI agentic suite, which continuously analyzes network changes, prioritizes risks, and recommends remediation across IT, OT, IoT, and IoMT. For engineering teams, that points to several key initiatives:

  • Move beyond segment and forget: Static VLANs and legacy ACLs are insufficient when OT and physical AI systems change weekly.
  • Treat infrastructure devices as high-value assets: Enforce strong identity for routers/switches, lock down management planes, and monitor control-plane behavior for anomalies.
  • Converge physical-world observability (OT, IoT, building systems) with network telemetry so you can see exactly how a PLC change or robot command traversed the network.

A Fortinet Accelerate customer from oil and gas summed it up when he admitted he had no idea how many OT devices were connected. That level of blind spot is no longer tenable when physical AI depends on your network fabric.

The year of the claw: Securing the agentic workforce

If 2025 was the year everyone experimented with AI agents, RSAC 2026 was about controlling them—especially those traversing your network and APIs. With millions of AI agents acting as digital coworkers, making changes, pulling data, and triggering workflows, the management problem has become a network- and security-engineering challenge.

Nvidia CEO Jensen Huang put “claws” front and center at GTC, and at RSA, Cisco brought that metaphor to the security and networking community with DefenseClaw, an open-source framework that scans, sandboxes, and inventories every skill and action an AI agent can perform. DefenseClaw integrates with Nvidia’s OpenShell to provide a secure runtime and governance layer for agents.

At the RSAC Security Operations Center, Cisco also showcased its AI Defense platform, providing a granular view of AI apps, their usage patterns, and associated risk status. For networking engineers, the implications are:

  • You need visibility into which agents are on the network, what APIs they hit, and what lateral paths they could use if compromised.
  • Network policy should distinguish human, service, and agent identities, with per‑role segmentation and rate limits.
  • Telemetry pipelines must be ready to feed agent behavior into SIEM/SOAR and AI governance tools, so “shadow agents” don’t silently consume bandwidth and exfiltrate data.

The AI era is here; if you do not instrument and govern how agents use the network, they will create their own unmanaged, high‑risk data paths.

AI everywhere demands zero trust at every hop

A conversation with Deepen Desai, chief security officer at Zscaler, highlighted a paradox that should sound familiar on the network side: AI is a board-level mandate, yet it also massively expands the attack surface through shadow AI use, AI-generated malware, and new app-to-app communications.

Zscaler’s ThreatLabz observed nearly a trillion AI-related transactions in 2025, with almost 40% blocked for security reasons. In this environment, any remaining perimeter-based mindset breaks down. Zero trust becomes the only viable framework for controlling traffic among users, services, and agents wherever they are.

For network engineers, Desai’s “AI to fight AI” framing turns into concrete tasks:

  • Make identity-based, app-level policy the default: Think in terms of segments and microsegments tied to users, services, and agents—not subnets.
  • Enforce strict input/output guardrails for AI services: Control which models can be accessed, which data sources they can access, and what they can send outbound.
  • Build continuous validation and red teaming into network paths to and from AI resources so that malicious use of legitimate SaaS (for example, malware using Google Sheets as C2) can be detected and disrupted.

From a networking perspective, zero-trust everywhere means your forwarding decisions and your security decisions must be tightly coupled and continuously evaluated, not set once in a firewall rule base and forgotten.

Platformization and the coming cryptographic reset

The largest vendors are all pushing platform strategies as the only way to manage 2026’s threat volume and cryptographic complexity at scale. In earlier years, platform pitches often sounded like marketing. Now, with AI-accelerated threats and cryptography in flux, the operational problem is very real.

Palo Alto Networks used RSAC to roll out its Next-Generation Trust Security (NGTS) release, focused on what it sees as the next major challenge: quantum-era cryptography. We are entering a period of continuous cryptographic reset, in which certificate lifecycles shrink to about 45 days and post-quantum algorithms must be phased in across sprawling hybrid networks.

NGTS integrates with Palo Alto’s Strata Cloud Manager to provide unified visibility and automated certificate lifecycle management, helping avoid outages as organizations rekey and migrate. For network engineers, that translates into:

  • Inventorying every TLS termination point in the network (load balancers, proxies, VPNs, gateways, app servers) and tying them into an automated cert platform.
  • Designing change processes and maintenance windows that can support continuous, rolling crypto updates without breaking tunnels or latency‑sensitive flows.
  • Coordinating closely with security teams so quantum‑safe transitions are tested on live network paths before being rolled out globally.

No one knows when Q-Day will arrive (the day when quantum computers get powerful enough to break existing encryption standards), but your network will be on the critical path when it does. Treating the cert and key lifecycle as part of normal network operations—not an occasional scramble—is becoming mandatory.

What it means for the IT practitioner

The shift on display at RSAC 2026 signals that the era of security silos is over. Networks are now inseparable from security strategy and AI governance. For practitioners, the job is no longer just keeping links up and latency down—it is building a fabric that can observe, contain, and rapidly recover from AI-driven incidents across digital and physical domains.

As AI agents and physical AI systems make more autonomous decisions on your network, three shifts will define success:

  • From protection to precision: It’s not enough to protect and back up; you need precise, workflow‑aware recovery paths built into your network design.
  • Securing the living perimeter: With robots, sensors, and smart buildings attached everywhere, your “perimeter” is dynamic and physical; segmentation, identity, and observability must evolve with it.
  • Operational convergence: Network, security, and OT teams must share tools, telemetry, and language, because attackers and AI agents do not respect org charts.

The bottom line

As AI agents begin to make autonomous decisions on your network, the ability to provide a safety net of near real-time recovery will be the ultimate measure of IT strategy. The sooner networking engineers treat resiliency, zero trust, and crypto agility as core design requirements—not afterthoughts—the better prepared their organizations will be for the next RSA cycle.

Zeus Kerravala

Zeus Kerravala is the founder and principal analyst with ZK Research, and provides a mix of tactical advice to help his clients in the current business climate and long-term strategic advice. Kerravala provides research and advice to end-user IT and network managers, vendors of IT hardware, software and services and the financial community looking to invest in the companies that he covers.

Prior to ZK Research, Kerravala spent 10 years as an analyst at Yankee Group. Earlier in his career, he held a number of technical roles, including as VP of IT and Deputy CIO.

Kerravala holds a Bachelor of Science in Physics and Mathematics from the University of Victoria in British Columbia, Canada.

He currently resides in Acton, Massachusetts.
