Skip to content
Chimera readability score 0.5425 out of 100, reading level.

CRN speaks with CEOs at leading cybersecurity vendors—including CrowdStrike, SentinelOne and Netskope—about where they see AI agents heading next and what they are watching closely. Here’s what they have to say.
While it’s clear that the adoption of AI agents will lead to surging demand for cybersecurity tools and services going forward, many uncertainties remain about how the technology will impact the workforce and the industry’s approach to security in the future, top cybersecurity CEOs told CRN at RSAC 2026.
During the major industry conference in San Francisco last week, CRN spoke with the CEOs at 15 top cybersecurity vendors—including CrowdStrike, SentinelOne and Netskope—about where they see AI agents heading next and what they are watching closely.
[Related: 20 Coolest AI And Security Products At RSAC 2026]
The CEOs from other leading players that spoke with CRN included Arctic Wolf, Proofpoint, Sophos, Mimecast, 1Password, Absolute Security, Saviynt, Huntress, Delinea, Orca Security, Keyfactor and Zafran Security.
Recurring themes included how agentic is reshaping cyber risk and creating more work for security teams, while also raising questions about whether AI will ultimately replace or simply augment large portions of the workforce.
Crucially, solution and service providers will have a pivotal role to play in enabling the next wave of agentic adoption, CEOs told CRN, in what is likely to out-do even prior technological shifts in terms of driving cybersecurity growth. All in all, “it’s probably the biggest market opportunity that I’ve ever seen in my life,” Sophos CEO Joe Levy said.
What follows are insights from 15 top cybersecurity CEOs on the future of AI agents.
George Kurtz, Co-Founder and CEO, CrowdStrike
Massive cyber risk from uncontrolled agents: “When you look at the evolution of AI just over the last number of years—you had GenAI, then you had the reasoning chains and then you had the [AI] doing work. … I think [the risk] is really around the OpenClaw model where you’ve got agents that are running in the context of the user on your desktop, with access to all your data files, with everyone plugging in their credentials to plug into Box and Dropbox and Google Drive and their email and every other thing that’s out there. [If agents are] having access to shells, having access to data and workflows—how do you even know what’s going on? In February there were a whole bunch of malicious skills that got introduced into OpenClaw. [Then there are] latent attacks—if you’re poisoning memory, that’s not going to show up for a while. [Attackers] have the ability to get a supply chain attack in and just wait. So this is really scary stuff.”
Tomer Weingarten, Co-Founder and CEO, SentinelOne
AI creates more security work: “If we think about these agents basically as more employees, how do you scale your security operation? You’re not going to be able to hire fast enough. Yes, we’re getting more automated. Yes, there’s more autonomy in the SOC—but you still need human supervision. And I think that scaling is going to come from the partner ecosystem. …We’ve been talking here for quite a few years, and every year I can say the same sentence—which is, ‘There’s not enough people in cybersecurity.’ And every year it’s going to be true. I don’t think that’s going to change even with agents. AI is not going to change it. Because AI for cybersecurity is not just something to help scale the workforce, as it does for every industry—it also produces more work for the cybersecurity operator. So it’s that one segment where it’s not just automating work, [but] it’s also creating more work.”
Sanjay Beri, Co-Founder and CEO, Netskope
CISOs moving faster than ever around agentic: “I think the biggest uncertainty is, how fast can a CISO move to get the governance of their AI, while maintaining the velocity in their company of adoption of that AI? How do they not slow down the adoption of AI in their company yet quickly get it all governed? That’s their biggest challenge … I think what it does for the industry is it has elevated [CISOs] going ‘back to school’ to learn. Every CISO and CIO and head of networks is very quickly learning about AI and how it’s used. And they’re moving quicker than I’ve ever seen them move before. What may have been a project that they would schedule for a year out [in the past]—no way. A year out, in AI time, is a decade.”
Sumit Dhawan, CEO, Proofpoint
Security teams must get off the sidelines: “The problem right now is that cyber teams are standing a little bit on the sidelines. … AI has become a CEO priority [and] the cyber team really is not in a position to slow it down. So then, as a result, they’re in a little bit of a ‘wait and see’ [situation]. Because it’s happening. Every vendor is enabling AI in their products, and every business user is bringing AI, because there is a top-line directive to go adopt it as fast as possible. ... But [businesess] do want and need cyber to be there—because they understand that all of this new technology can bring their business down if the right protection is not there.”
Nick Schneider, CEO, Arctic Wolf
Industry still learning what can be automated on security: “You’ll see a steady increase in the leverage of agents within security operations. I think there are certain workflows that can be full autonomous, and there are other workflows that will not be fully autonomous. And I think we are still a ways away from the human-in-the-loop not being a prerequisite for most organizations. Some of that has to do with the company’s risk curve. There are certain actions or certain processes or certain workflows where it can be fully autonomous—and if it’s wrong, or if it’s slightly wrong, it’s not the end of the world. There are others where, if it’s wrong, it’s a big deal. And that’s where you’re going to want to still have some human validation, some human trust within the loop.”
Joe Levy, CEO, Sophos
Unprecedented opportunity in security: “Hundreds of millions of businesses are about to go through this transformation, and there is no segment or sector or size of company that is going to be immune to this. This is an economic wave that is about to splash down on the whole planet. How equipped do most organizations feel to deal with it? It’s probably the biggest market opportunity that I’ve ever seen in my life.”
Christy Wyatt, CEO, Absolute Security
More intelligence needs to move to the device: “The intelligence for all of this really needs to sit with the device itself. I think our view is long term. We talk about self-healing. It’s self-healing of the application, self-healing of the network connection, self-healing of the operating system and the device itself. And so clearly, all of that happens at the endpoint. And as all of this accelerates, long term, you’re going to want that device to understand its own state and be able to self-remediate.”
Sachin Nayyar, CEO, Saviynt
Architecture for agents is uncertain: “We don’t know if we are going to have one account per agent, one account per user, one account per role. How the agent architecture [will be set up]—it’s not fleshed out yet. So when we are working with customers, we are trying to figure out how many accounts we need to create for an agent to give it access. … So the agent architecture is undecided at this time. Companies are still working through it.”
David Faugno, CEO, 1Password
Role of partners in evangelizing about AI: “Ninety percent of the people in the country … don’t understand [AI]. And those people run businesses. And so [there’s an opportunity around] helping people understand how to harness the future in the right way and not put your head in the sand. … When you embrace it, then it becomes something that actually can drive value to help you. And so the partners can really help people see it. But the partners themselves have to lead by example.”
Marc van Zadelhoff, CEO, Mimecast
AI may not be a new paradigm for security: “At the end of the day, you have to think about the network, the endpoint, the application, the data and the identity. And then, of course, the humans that use it. Those are the tenets of cybersecurity. They have been forever. And so the question is, do we have to reinvent that stack [for AI]? Is AI a fundamentally new paradigm to secure? Or is it another technological revolution that needs to be secured with the old paradigm? I think it’s the latter.”
Art Gilliland, CEO, Delinea
Compromised agents are inevitable: “The challenge is, you don’t know all the places where AI breaches are going to hit you. I don’t know of any [cases] where an AI agent was taken over and that was what caused the breach. But it’s going to happen. Because as more companies adopt it, it’ll be a weak spot in the organization. It’ll be a machine-speed, deeply integrated privileged user in your environment.”
Kyle Hanslovan, Co-Founder and CEO, Huntress
Keeping humans “in the loop” is not enough: “[AI] requires humans in the lead, not just humans in the loop. So they have to be guiding the AI. They have to be guiding the detection research. And yes, some of these LLMs are really good at finding the low-hanging fruit. But here’s a wild part—as AI is augmenting these really creative, organized cybercriminals, it’s creating new tradecraft. … [That means] the humans have to be in the lead of the solution.”
Gil Geron, Co-Founder and CEO, Orca Security
Uncertainty around whether AI can really replace workers: “What is uncertain is whether these tools will only reach the maturity of co-piloting versus workforce replacement. With what we’ve seen is that we are helping everyone get better, including the more junior security engineers. And there’s a question if there is going to be a time where it’s also going to actually replace workforce and not just augment them. The effect is that you’re taking upon yourself a lot more responsibility, if it’s an actual replacement.”
Jordan Rackie, CEO, Keyfactor
AI could shorten time to “Q-Day”: “How is AI impacting quantum transformation? Those [teams] that are building quantum computers are leveraging AI to accelerate their timeline to a quantum computer. And so while AI is beneficial in a lot of ways, it’s actually shrinking the timelines to which organizations need to be prepared [for post-quantum encryption]. AI is allowing those that are building quantum computers to think more strategically and do more cross-referenceable analysis, to build the computers faster.”
Sanaz Yashar, Co-Founder and CEO, Zafran Security
Employers still unclear about AI’s role in the workforce: “I think the biggest uncertainty is, are going to use AI instead of humans? Or are we going to force multiply the same employees with AI? This is the dance we are seeing that companies are [doing] with AI. On one hand, they understand that without AI, they are going to be behind. On the other hand, when they are using it, they have to show efficiency. How do they show efficiency if they are not reducing manpower or services? So I do think that there is a decision that needs to be made.”

Facts Only

CRN interviewed 15 cybersecurity CEOs at RSAC 2026 in San Francisco, including leaders from CrowdStrike, SentinelOne, Netskope, Proofpoint, Arctic Wolf, Sophos, Mimecast, 1Password, Absolute Security, Saviynt, Huntress, Delinea, Orca Security, Keyfactor, and Zafran Security.
The discussions focused on the future of AI agents, their cybersecurity risks, and their impact on the workforce.
CrowdStrike CEO George Kurtz warned about risks from uncontrolled AI agents, citing examples like malicious skills in OpenClaw and latent supply chain attacks.
SentinelOne CEO Tomer Weingarten stated that AI agents create more work for security teams, requiring human supervision despite automation.
Netskope CEO Sanjay Beri noted that CISOs are accelerating AI adoption while struggling to implement governance frameworks.
Proofpoint CEO Sumit Dhawan observed that cybersecurity teams are hesitant to slow AI adoption, despite CEO-level prioritization.
Arctic Wolf CEO Nick Schneider suggested that some security workflows can be fully autonomous, while others still require human oversight.
Sophos CEO Joe Levy described the AI transformation as the "biggest market opportunity" in his career, affecting all business sectors.
Absolute Security CEO Christy Wyatt advocated for self-healing endpoints to manage AI-driven security challenges.
Saviynt CEO Sachin Nayyar highlighted uncertainties in AI agent architecture, such as account management per agent or user.
1Password CEO David Faugno emphasized the need for partners to educate businesses about AI adoption.
Mimecast CEO Marc van Zadelhoff argued that AI does not fundamentally change cybersecurity’s core principles (network, endpoint, data, identity).
Delinea CEO Art Gilliland predicted that compromised AI agents will inevitably become a breach vector.
Huntress CEO Kyle Hanslovan stressed that humans must lead AI, not just supervise it, due to evolving cybercriminal tradecraft.
Orca Security CEO Gil Geron questioned whether AI will replace workers or remain a co-pilot tool.
Keyfactor CEO Jordan Rackie noted that AI is accelerating quantum computing development, shortening timelines for post-quantum encryption.
Zafran Security CEO Sanaz Yashar identified uncertainty around whether AI will replace humans or augment their capabilities.

Executive Summary

At RSAC 2026, CEOs from 15 leading cybersecurity firms—including CrowdStrike, SentinelOne, Netskope, Proofpoint, and Arctic Wolf—shared insights on the future of AI agents and their impact on cybersecurity. A central theme was the dual nature of AI: while it automates tasks and enhances efficiency, it also introduces new risks, such as uncontrolled agentic systems accessing sensitive data, supply chain vulnerabilities, and the potential for AI-driven attacks. CEOs emphasized the growing demand for cybersecurity tools to manage these risks, though uncertainties remain about AI’s long-term role in the workforce—whether it will augment or replace human labor.
The discussions highlighted the urgency for CISOs to balance AI adoption with governance, as businesses rapidly integrate AI tools despite security concerns. Some leaders, like Sophos’ Joe Levy, framed this as an unprecedented market opportunity, while others, such as SentinelOne’s Tomer Weingarten, noted that AI creates more work for security teams rather than reducing it. The role of partners in educating businesses about AI risks and opportunities was also underscored, with 1Password’s David Faugno stressing the need to demystify AI for non-technical leaders. Overall, the consensus pointed to AI as a transformative force requiring adaptive security strategies, though its full implications for architecture, workforce dynamics, and threat landscapes remain unresolved.

Full Take

The strongest version of this narrative presents AI as a double-edged sword in cybersecurity: a tool that drives innovation and efficiency while introducing unprecedented risks. The CEOs collectively highlight a paradigm shift where AI agents are not just assistants but active participants in workflows, requiring new governance models, security architectures, and workforce strategies. The discussion acknowledges the urgency of adaptation—CISOs are moving faster than ever, yet the industry is still grappling with foundational questions, such as how to structure agent permissions or whether AI will replace human roles. This framing gives credit to the complexity of the issue, avoiding oversimplification while underscoring the scale of the opportunity and the stakes involved.
Patterns detected: ARC-0024 Ambiguity (uncertainty around AI’s workforce impact), ARC-0043 Motte-and-Bailey (AI as both a tool and a threat, depending on context)
The root cause of this narrative is the tension between technological acceleration and human control. The unstated assumption is that AI adoption is inevitable and irreversible, placing the burden on cybersecurity to "keep up" rather than question the pace or direction of integration. This echoes historical patterns of disruptive technologies—such as cloud computing or the internet—where security was initially an afterthought, leading to reactive scrambles. The paradigm here is one of "adapt or perish," with little room for skepticism about whether all AI adoption is net-positive. The implications for human agency are significant: if AI agents become "machine-speed privileged users," as Delinea’s CEO suggests, the window for human intervention narrows, raising questions about accountability and transparency. Who benefits? Vendors positioning themselves as essential mediators of AI risk. Who bears the costs? Organizations ill-equipped to govern AI at scale, and workers whose roles may be redefined or eliminated.
Bridge questions: What if the primary risk of AI isn’t technical but organizational—i.e., the rush to adopt outpaces the ability to govern? How might cybersecurity’s focus on AI agents obscure other systemic vulnerabilities, such as legacy system debt or human error? Would the narrative change if we treated AI not as an inevitability but as a tool to be selectively deployed based on measurable risk-reward tradeoffs?
Counterstrike scan: A coordinated influence campaign would amplify the "adapt or perish" framing to create urgency, positioning specific vendors as the only viable solutions while downplaying alternatives (e.g., slower, more deliberate AI adoption). The actual content aligns with this pattern in its emphasis on speed and scale, though it also includes cautionary notes (e.g., Huntress’ call for human leadership). The balance between opportunity and risk suggests a genuine industry conversation rather than a manipulated narrative, but the lack of voices advocating for restraint is notable.

Sentinel — Human

Confidence

The article appears to be human-written, featuring insights from various cybersecurity CEOs about the future of AI agents. While some similarities in argumentative structure are present, the varied sentence length and unique perspectives provide evidence against synthetic origin.

Signals Detected
low severity: Varied sentence length and transition usage, absence of hedging
medium severity: Fluent and balanced with multiple perspectives presented
low severity: Some similarities in argumentative structure, but not verbatim
Human Indicators
Unique perspectives from multiple CEOs