
For IT pros, this translates into:
- Designing topologies and routing policies that support near real‑time, partial restores of critical services without hard cutovers.
- Ensuring backup traffic, recovery workflows, and security tooling share telemetry so SecOps can correlate “what changed on the wire” with “what was restored.”
- Treating recovery points and paths as part of the security posture, not just DR plumbing.
If your network cannot support fast, targeted rollback of bad changes—especially those initiated by AI agents—you are not actually secure, no matter how many controls you deploy.

The rise of physical AI and the exposed underbelly

One of the biggest reality checks at RSA was how far we’ve moved into the era of physical AI: robots, sensors, building systems, medical devices, smart grids, and smart cities all riding on the same IP fabric you maintain. This is beyond traditional IoT—these are systems where a compromised packet can translate into a real‑world physical outcome.
Forescout released its 2026 Riskiest Connected Devices report, and there is a key message for network engineers: routers and switches have officially overtaken endpoints as the primary attack vector. These devices are now the connective tissue of physical AI, and attackers increasingly target the infrastructure that sees and steers all traffic, not just the endpoints that generate it.
At its booth, Forescout highlighted its VistaraAI agentic suite, which continuously analyzes network changes, prioritizes risks, and recommends remediation across IT, OT, IoT, and IoMT. For engineering teams, that points to several key initiatives:
- Move beyond "segment and forget": Static VLANs and legacy ACLs are insufficient when OT and physical AI systems change weekly.
- Treat infrastructure devices as high-value assets: Enforce strong identity for routers/switches, lock down management planes, and monitor control-plane behavior for anomalies.
- Converge physical-world observability (OT, IoT, building systems) with network telemetry so you can see exactly how a PLC change or robot command traversed the network.
A Fortinet Accelerate customer from the oil and gas sector summed it up when he admitted he had no idea how many OT devices were connected. A blind spot of that size is no longer tenable when physical AI depends on your network fabric.
