"Identity security is the discipline concerned with reducing all aspects of identity-related risk, which requires identifying, governing, and protecting all identities within an organization. The discipline is growing in complexity. In the past, security teams focused on human identities and ensuring they had the right level of access to the resources they needed to do their jobs. In recent years, this focus has expanded to securing machine identities to protect secrets, certificates, and workloads."
"AI agents are machines by definition, but their abilities to make decisions and to learn are more similar to human capabilities. Agentic AI uses advanced algorithms and machine learning to perform tasks and make decisions on behalf of people. Agents in complex agentic AI systems can perceive their environment, process information, make decisions, and even learn and improve over time. That makes these agents more than machine identities. They can also work independently with minimal human prompts and oversight."
"Scale and oversight are significant challenges with AI identities, just as they have been with machine identities. Traditional machine identities now outnumber human identities 82:1, and by 2028, 33% of enterprise software applications will include agentic AI, up from less than 1% in 2024, according to Gartner. Organizations must onboard these identities, give them appropriate access, manage them, and eventually deprovision them. Taking those steps would be challenging enough with human or machine identities. Introducing AI identities adds much more complexity."
Identity security focuses on reducing identity-related risk by identifying, governing, and protecting all organizational identities. Security responsibilities have expanded from human access control to include machine identities responsible for secrets, certificates, and workloads. Agentic AI introduces identities that combine machine status with human-like decision-making and learning abilities, enabling perception, autonomous decision making, and ongoing improvement. The scale of non-human identities already greatly exceeds human identities, and adoption of agentic AI in enterprise software is projected to rise sharply by 2028. Organizations must onboard, provision appropriate access, manage, and deprovision AI agents while defining privilege levels and oversight.
Read at Harvard Business Review
Unable to calculate read time
Collection
[
|
...
]