The security industry has spent the last few years talking about AI, automation, and the future of the SOC. Most of it sounded like incremental progress. Better detection, more automation, faster response. What Cisco introduced at RSA 2026 feels different. Not because of a single product, but because of the shift in how the problem itself is being framed.
Cisco is pushing the idea of a so-called “agentic workforce.” At first glance, it sounds like another marketing term. In reality, it points to something many organizations are already experiencing but rarely describe clearly. Systems are no longer just executing predefined tasks. They are making decisions, interacting with APIs, orchestrating workflows, and acting with a level of autonomy that blurs the line between software and operator.
This is where traditional security models start to break down.
For decades, security architectures have been built around three core elements: users, devices, and networks. Even Zero Trust, for all its evolution, is still fundamentally designed around human identity and controlled access. AI agents do not fit neatly into that structure. They are not users, they are not endpoints in the traditional sense, and they are far more dynamic than service accounts ever were.
What Cisco is effectively saying is simple: if these agents act like entities, they need to be treated like entities.
That changes everything.
Zero Trust, in this model, is no longer just about verifying a user at login or validating a device posture. It becomes a continuous evaluation of any active entity inside the system. Identity is no longer static. It becomes fluid, contextual, and constantly reassessed. Trust is no longer granted once. It is negotiated in real time.
This is not just a technical adjustment. It is a conceptual shift.
Cisco is tying this direction closely to its existing stack, including Duo for identity and secure access capabilities, while bringing Splunk into the picture as the analytical backbone. That combination is important. As soon as autonomous agents enter the environment, the volume and complexity of activity increase dramatically. More interactions, more signals, more behavior that looks legitimate on the surface but may not be.
This is where Splunk’s role evolves. It is no longer just about log aggregation or classic SIEM use cases. It becomes a system for understanding machine behavior. The critical question shifts from “Was there an attack?” to something far more nuanced: “Is this agent behaving as expected?”
That distinction is subtle, but it changes the nature of security operations.
The SOC itself is already starting to evolve under this pressure. Traditionally, it has been designed to collect events, correlate alerts, and support human decision-making. In an environment where systems act independently, parts of that decision-making process move closer to automation. Systems begin to monitor systems, evaluate behavior, and trigger responses without waiting for human intervention.
The SOC becomes less of a monitoring center and more of an orchestration layer.
For most organizations, this is an uncomfortable realization. Many have invested heavily in identity, endpoint protection, and cloud security, but very few have a clear model for how to govern non-human actors that operate with a degree of autonomy. AI agents introduce a new category of risk. A compromised user can cause damage, but a compromised agent can act faster, scale further, and remain harder to detect.
That is the real issue Cisco is surfacing.
At its core, this is not about a new feature set. It is about redefining identity itself. The shift moves from a user-centric model to a system where any active entity must be identifiable, observable, and controllable. That includes software agents that continuously act within the environment.
What makes this development relevant is not that Cisco has solved the problem. It has not. But it is one of the first major vendors to explicitly frame it this way and connect identity, analytics, and access control into a coherent narrative around autonomous systems.
After endpoint security, cloud security, and identity, a new layer is emerging. One that has not yet been fully structured or standardized. Agent identity and agent governance are becoming real concerns, not theoretical ones.
The question is no longer whether organizations will deploy autonomous systems. That is already happening. The question is whether they will be able to control them.
Right now, the answer is not entirely clear.
