AI Security Action Items for the Second Half of 2026
At the start of the year, in AI Security Challenges in 2026, I laid out the challenges the industry as a whole would likely face over the course of the year. Half a year has now passed, and many of the topics I described back then as needing to "wait for future technological maturation" have already reached a stage where we can start taking action. Okta Cross-App Access has become a service ready for production deployment, and Anthropic has adopted it. Sandboxes for agents are becoming standardized, and frontier models are beginning to surpass humans in the application security domain. As we enter the second half of 2026, this article summarizes the latest state of the AI Security industry and lays out where those responsible for AI Security at a typical organization—one that is presumably driving agent adoption—should start over the next six months.
