Notifications
Clear all
Topic starter
06/06/2026 11:12 am
TL;DR: RSA Conference 2026 surfaced a widening gap between AI agent adoption and governance, with 85% of enterprises experimenting while only 5% have moved agents to production and 22-second attacker dwell times compressing response windows, according to ConductorOne. The central issue is that identity programmes built for human-paced review cycles cannot govern autonomous actors or MCP-mediated tool access fast enough.
NHIMG editorial — based on content published by ConductorOne: A CISO's Top 3 Takeaways from RSA Conference 2026
By the numbers:
- 85% of enterprises are experimenting with AI agents.
- Only 5% have moved AI agents to production.
- 22 seconds from initial access to lateral movement.
Questions worth separating out
Q: How should security teams govern AI agents that can use enterprise tools?
A: Security teams should govern AI agents as identities with explicit owners, scoped tool permissions, and enforced audit at the protocol layer.
Q: Why do AI agents break traditional access review processes?
A: Traditional access reviews assume privileges are stable long enough to inspect and certify.
Q: What is the role of MCP in AI agent security?
A: MCP is the tool-access layer that determines how agents reach data and systems, so it becomes a control point for authorisation, logging, and policy enforcement.
Practitioner guidance
- Inventory AI agents as identities Create an authoritative register of agents, their owners, their data sources, and their tool connections so shadow AI does not sit outside governance.
- Move MCP into the identity control plane Treat MCP endpoints like privileged integration points and enforce authentication, authorisation, policy, and logging on every tool call.
- Rebuild review and revocation for machine-speed actors Replace human-paced certification assumptions with controls that can detect, constrain, and terminate agent behaviour before a workflow completes.
What's in the full article
ConductorOne's full blog covers the operational detail this post intentionally leaves for the source:
- Vendor-by-vendor examples of agent identity capabilities shown at RSA and how they map to practitioner decisions.
- The specific MCP security functions the article says teams should inventory, including authentication, authorisation, and audit.
- The conference-reported statistics behind the 85% adoption and 5% production gap.
- The vendor’s view of how autonomous defence changes SOC operating models in practice.
👉 Read ConductorOne’s RSA 2026 analysis of AI agent identity governance →
MCP and AI agent governance: what identity teams need now?
Explore further
06/06/2026 11:52 am
Agent governance is now an identity problem, not an AI feature problem. The article’s core signal is that enterprises are deploying AI agents faster than they can describe, classify, and own them. That means the governance boundary is no longer the application login screen but the agent itself, including its tool reach and operational context. For practitioners, the implication is that identity inventory must expand from human and service-account records to machine actors that make consequential decisions at runtime.
A few things that frame the scale:
- 71% of NHIs are not rotated within recommended time frames, increasing the risk of compromise over time, according to Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which shows how often identity inventories lag behind actual machine access.
A question worth separating out:
Q: How can organisations reduce the risk of shadow AI agents?
A: Organisations should combine discovery, ownership, and termination controls. That means identifying every agent-like workload, assigning a business owner, and making sure there is a reliable way to cut off tool access when the agent is misbehaving or no longer approved.
👉 Read our full editorial: AI agent identity governance is colliding with MCP and autonomy
