Managing agent identities differs sharply from human identity governance.
The rapid rise of AI agents promises transformative productivity gains but poses unprecedented security risks, particularly in identity and access management, say industry leaders.
According to CRN, Accenture's Damon McDougald and others have warned that without robust safeguards, autonomous agents, capable of reasoning, decision-making, and task execution, could cause major breaches.
Experts stressed that managing agent identities differs sharply from human identity governance, requiring real-time oversight, granular permissions, and lifecycle controls. Vendors like SailPoint, Okta, Ping Identity, and Microsoft are racing to address these challenges, with solutions ranging from secure onboarding to advanced authentication and policy enforcement.
Microsoft's Entra Agent ID, for example, aims to curb sprawl and strengthen visibility, while red-team testing targets unique agent vulnerabilities. Emerging standards like Google Cloud's secure-by-default Agent2Agent protocol are also key to safe agent interaction.
Ultimately, solution providers see vast opportunities in helping organisations securely deploy AI agents, as the complexity, and corresponding risk, far exceeds that of earlier GenAI applications.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
