Industry Webinar: Identity-First Security for AI Agents
How to secure this new and fast paced identity ecosystem
AI agents have the potential to drive huge disruption to an array of use cases and benefactors across nearly all sectors of the global economy. From healthcare and public services, to more productive use of employee time and improving eCommerce and online interactions, it seems AI and the use of agents can deliver material impact for productivity, security and revenue.
However they also pose a significant security risk if not implemented correctly. Risk to the underlying data sources - which often contains PII, PHI or valuable intellectual property - and also to the end users of such systems.
The management of such identities brings some new functional and non-functional requirements. Absolutely we have similarities with existing non-human identity and workload management platforms - namely around scale, credential management and the like. We also see however the nuance often associated with people-centric systems. Non-deterministic behaviour, goal-orientation as opposed to specific task completion as well as variance as it pertains to access and permissions.
Whilst AI agents do bring an entirely different set of requirements, we mustn’t lose our bearings with respect to what the industry has learnt over the past 3 decades as it relates to human-focused identity and access management. We are going to need some of the same concepts - just deployed and managed in different ways.
If we just focus on IAM related ideas for a second, we need to start thinking how we are going to answer questions like the above. Do we need to? How should we go about it? Concepts like discovery, monitoring, right-sizing of permissions and secure on-boarding all seem vitally important.
The AI space is moving rapidly and the risk of shadow-systems that are not properly designed from an identity or security point is high.
Our next industry webinar is going to be on this topic. We’ll dive into the nuances of AI agents, what they are, what capabilities we might need to manage them, and how those requirements can be solved. Our founder Simon Moffatt will be in conversation with Ido Shlomo from Token Security.
