RSAC 2026: Navigating the Era of Agentic AI and Data Sovereignty

Patrick Bryden
1 day ago
4 min read

The Intelligence Shift: Security at the Speed of Autonomy

In 2026, the "Human-in-the-loop" is becoming the exception, not the rule. As we prepare for RSA Conference 2026, the industry has moved past the novelty of Large Language Models (LLMs) and into the complex reality of Agentic AI - autonomous systems that don’t just summarize data, but plan, decide, and act on it.

For CISOs and technology leaders, this shift represents the ultimate "control vs. innovation" dilemma. How do organizations govern a digital workforce of agents operating 24/7 across their most sensitive cloud environments? According to Gartner research, failing to implement robust governance will lead to a reality where 40% of AI-related data breaches stem from misuse by 2027. This means the focus on data-centric security will be front and center as we move through 2026 and beyond.

To help you navigate this transition, we’ve curated the must-attend RSAC sessions that tackle these challenges head-on. From building trust to AI governance, these are the sessions we have circled on our calendar.

Must-Attend RSAC 2026 Sessions: A Strategic Deep-Dive

1. Ambient and Autonomous Security: Building Trust in the Agentic AI Era [KEY-M10W]

When: Monday, Mar 23 | 3:55 PM – 4:15 PM

Overview: Vasu Jakkal and H.E. Dr. Mohamed Al Kuwaiti address the fundamental requirement for AI adoption: trust. As AI-powered attacks exceed human response times, security must be "ambient", embedded within the fabric of the network and data layers, enabling systems to detect, defend, and self-heal.

Confidencial's Insight: Traditional perimeters fail when an autonomous agent moves data from a secure repository to a public-facing API. By embedding protection directly into the data object, such as with our Selective Encryption, security travels with the information. Our approach ensures that even in an autonomous ecosystem, the data remains self-defending.

2. Security, Governance, and Control for Agentic AI [PART2-M07]

When: Monday, Mar 23 | 2:20 PM – 3:10 PM

The Core Challenge: This session tackles the growing concern of "Agent Sprawl." As autonomous agents are empowered to execute tasks across enterprise systems, they often inherit over-privileged access. Microsoft experts will discuss strategies to prevent "unintended actions"—scenarios where an agent might inadvertently leak credentials or sensitive context while fulfilling a request.

Confidencial's Insight: In 2026, identity is no longer human-centric. In a Zero Trust environment, every piece of sensitive data needs protection embedded in the metadata to reduce the "blast radius" should it ever be intercepted by bad actors or misused by an autonomous agent. We advocate for Data-Level Security as the primary defense; by redacting or encrypting specific fields at the source, you ensure an agent only sees the precise information it needs.

3. Keep Your Secrets. Use Your Data. Have it Both Ways [PART1-R02]

When: Thursday, Mar 26 | 9:40 AM – 10:30 AM

The Core Challenge: This session featuring Google and Oblivious flips the script on privacy. By leveraging Privacy-Enhancing Technologies (PETs), organizations can unlock "data in use" to enable collaborative model training without ever exposing raw, sensitive data.

Confidencial's Insight: The "last unprotected state" of data—data in use—remains the single biggest vulnerability in AI training. While traditional encryption protects data at rest, it often fails during processing. Our Selective Encryption strategy embeds protection into the document’s metadata, allowing you to leverage the "Data Economy" while keeping your "crown jewels" cryptographically isolated.

4. AI Governance: Practical Strategies for Secure, Responsible Adoption [BOF1-W01]

When: Wednesday, Mar 25 | 8:30 AM – 9:20 AM

The Core Challenge: This session, led by CrowdStrike, focuses on GRC. Attendees will share lessons on policy design and accountability models to scale AI without triggering a regulatory nightmare.

Confidencial's Insight: Governance is only as strong as its visibility. For North American firms navigating evolving privacy laws, automated data discovery and classification are the prerequisites for any framework. If your GRC strategy doesn't include automated enforcement, it’s just paperwork.

5. Safeguarding the Data Economy: A Data-Driven Approach to Managing Risk [BCS-W11]

When: Wednesday, Mar 25 | 3:40 PM – 4:00 PM

The Core Challenge: CapitalOne hosts this session on the "Data Economy," where data sprawl is now a financial risk. This session provides a playbook for classifying data at scale to meet the heightened scrutiny of the AI era.

Confidencial's Insight: The Data Economy requires a shift from "defending the fort" to "tracking the gold." We enable enterprises to implement a data-driven strategy that automatically classifies information as it’s created, ensuring your risk remains capped even as your data footprint grows.

What is the risk of Agentic AI? The primary risk of Agentic AI is "Agent Sprawl" and unintended data exposure. Because autonomous agents can act independently, security leaders must implement data-level encryption to reduce the "blast radius" of potential misuse, ensuring that sensitive metadata remains protected even if an agent's permissions are compromised.

6. Securing AI at Scale: Global Approaches to Model Protection [IAIS-R05]

When: Thursday, Mar 26 | 12:20 PM – 1:10 PM

The Core Challenge: Security is now a geopolitical issue. This session examines the security implications of open vs. closed models and how different global governance strategies (US, UK, China) affect model reliability and the risk of misuse.

Confidencial.io Insight: Model protection is about the integrity of weights and inputs. Protecting against "inversion attacks" or "data poisoning" is critical. Security leaders must ensure their model protection strategy is resilient to both external threats and internal agentic misuse.

Turning RSAC Insights into Strategy

RSAC 2026 will make one thing clear: The "Agentic AI" era requires a new security playbook. Trust is no longer something you have; it is something you verify through ambient, autonomous, and data-centric controls.

Trusted by security leaders in North America, Confidencial is ready to help you navigate this transition. By combining selective encryption with automated, object-level protection, we ensure your data stays private, even when the agents are running the show.