The Board Room
RSAC 2026 declared non-human identity the next platform war — Google, Cisco
Your AI agent deployment and your security architecture are now the same problem, and both are behind.
Agent Security Infrastructure Doesn't Exist Yet
RSAC 2026 crystallized a new category: non-human identity governance. MCP lacks versioning or content hashing — tools can be silently rewritten between user consent and agent execution. An autonomous bot compromised 4 major projects' CI/CD simultaneously. Exploitation windows collapsed to sub-24 hours. AI is now generating novel exploits, not just accelerating known ones.
Enterprise SaaS Splits on AI Agent Access
Slack and Workday are restricting external AI agent access; GitHub and Figma embrace openness. Workday plans to charge for agent access — a new SaaS pricing paradigm. But Anthropic's computer-use Claude bypasses these restrictions entirely at the screen level, making MCP-level gatekeeping potentially futile within 18 months.
OpenAI's Distribution Thesis Gets a Death Certificate
Microsoft's Copilot has 15M paying seats on 450M — 3.3% penetration — proving distribution moats don't transfer to AI. OpenAI's response: hire Meta's ad chief (Dave Dugan), launch ads via Criteo ($50-100K packages), and consolidate into a superapp. ChatGPT's 900M WAU converts at only ~5% paid, forcing the ad pivot. The consumer AI battle is over: ChatGPT at 440M DAU vs. Copilot at 6M.
AI Coding's 25% Velocity Tax and Estimation Crisis
75% of developers say AI reduces toil, but teams spend 25% of their week fixing AI output — a net wash most leaders haven't measured. Node.js core contributors petitioned to ban LLM PRs. Addy Osmani coined 'comprehension debt' for the growing gap between shipped code and understood code. Planning horizons compressing from 3-week to 1-week windows.
AI Expands from Bits to Atoms
Liquid AI's STAR platform runs 1.2B parameters in 719MB on a phone at 70 tok/s — 63% less memory than Llama. Arena Physica claims 18,000x EM simulation speedups for defense electronics. Bezos raised $100B to buy and automate manufacturing companies. AI value creation is migrating from software productivity to physical-world infrastructure.
Your AI Agent Infrastructure Has No Security Foundation — RSAC 2026 Just Made That Official
Enterprise SaaS Is Splitting on AI Agent Access — And Anthropic Can Bypass Both Sides
3.3% Copilot Penetration Just Killed the Distribution Thesis — Here's What OpenAI Is Building Instead
AI Breaks Through to the Physical World — Edge Computing, Hardware Design, and the $100B Manufacturing Bet
- Update: Meta's Dreamer acqui-hire closed in 11 days from first engagement — combined with December's $2B Manus acquisition, Nat Friedman's Superintelligence Labs now has the strongest consumer agent team outside Anthropic
- Product org composition is shifting structurally: PM and engineering roles up 75% from 2023 trough while design demand has been flat for 3 years — PM-to-designer ratio flipped to 1.27x, suggesting AI is compressing design out of the core product loop
- Apple Business launches April 14 as a free enterprise platform in 200+ countries with built-in MDM, zero-touch deployment, and integrated productivity — every paid SMB MDM vendor should treat this as a competitive inflection point
- GhostClaw malware now specifically harvests OpenAI and Anthropic API tokens alongside traditional credentials — confirming AI platform access has black-market value and API keys need tier-one secret management
- AI adoption-productivity gap widening: 40% of workforce has adopted AI tools but saves only 2% of total hours, with only 9% of roles fully replaced — Big Tech tying performance reviews to AI usage is capex justification, not organic productivity proof
- Nvidia-Adobe partnership announced at GTC 2026 compresses campaign asset production from 28-30 days to minutes via cloud-native 3D digital twins — go-to-market speed decouples from physical product readiness
- FCC banned all foreign-made consumer routers — China controls 60% of the market — creating immediate supply chain reconfiguration pressure; IoT sensors, cameras, and switches are logical next categories
- Revolut hit Rule of 75% at £4.5B revenue with 35% ROE and 75%+ AI auto-resolution rate — its 6% loan-to-deposit ratio (vs. industry 70-90%) is the largest untapped growth lever in consumer fintech
- AI citation concentrating into a winner-take-most game: ~30 domains capture 67% of all AI citations, decoupled from Google SEO rankings — Reddit is the #1 AI-cited domain at 3.11%
The AI agent platform war is live — Anthropic ships desktop control in four weeks from acquisition, enterprise SaaS is splitting into open and closed camps on agent access, and OpenAI is pivoting to ads after Microsoft's 3.3% Copilot penetration proved distribution moats worthless in AI — but RSAC 2026 simultaneously revealed the security infrastructure doesn't exist: MCP has zero cryptographic integrity, autonomous bots are compromising enterprise CI/CD pipelines, and exploitation windows have collapsed to under 24 hours. The organizations that unify their agent strategy and security strategy under single governance this quarter will build the foundation; everyone else is building on sand.