• Cybersecurity Excellence Awards

2026 Awards Nominations Reveal a Shift From “AI Everywhere” to AI Governance, Identity, and Accountability

February 17, 2026

We reviewed the first 200+ submissions for the 2026 Cybersecurity Excellence Awards ahead of RSA Conference 2026, looking for themes across categories. Noticeable is a shift away from broad AI positioning and toward governance frameworks, identity architecture, and measurable accountability.

Agentic AI categories are among the fastest-growing in the 2026 program. Autonomous systems are moving from pilot to production faster than governance frameworks can keep pace, which is widening the gap between AI adoption and enterprise security readiness. In the nominations, that tension shows up in practical terms: concerns about shadow AI deployments operating outside security oversight, agents taking actions without clear authorization boundaries, and unpredictable behavior when autonomy outstrips guardrails.

These patterns also mirror what we are seeing across Cybersecurity Insiders’ independent research portfolio, including the 2026 CISO AI Risk Report, the 2026 Cloud Security Report, and the 2026 Zero Trust Report. Browse the research library here.

While survey research outlines CISO priorities, nomination data highlights how vendors are responding. Three trends stand out:

  • Agentic AI is dividing along autonomy and governance lines. Nominations span distinct platform and governance categories, including autonomous SOC copilots, ISO 42001-aligned governance frameworks, and human-in-the-loop safeguards. Submissions reflect both platforms deploying autonomous agents and solutions designed to govern, constrain, and monitor them. The practical difference is becoming clearer: “agent capability” is one conversation; “agent control” is another, and many buyers will need both.
  • Identity is expanding into identity lineage. Identity-related nominations show year-over-year growth, with expanded participation in non-human identity (NHI) and identity security posture management (ISPM) categories. A recurring theme is lineage: tracing the origin, context, ownership, and lifecycle of machine identities across hybrid environments. As AI agents and automations proliferate, identity becomes less about a directory entry and more about proving which system or workflow created an identity, what it can access, how privileges change over time, and how actions are attributed back to an accountable owner.
  • Data security is reasserting itself as the AI-era foundation. Nominations across DSPM, governance, and security data layer categories position data security as a structural requirement for AI risk management, not a downstream hygiene task. Submissions emphasize visibility into AI-driven data access, cross-cloud governance, and policy enforcement that remains effective when data moves between environments and tools. Put simply: if you cannot see what data an AI-enabled workflow touches, you cannot claim you govern AI risk.

Submissions for the 2026 Cybersecurity Excellence Awards remain open through February 21, ahead of RSA Conference 2026. To submit a nomination, visit https://cybersecurity-excellence-awards.com/