Report: Agentic AI Is An Identity Problem And Cisos Will Be Accountable For...

By Itamar Apelblat, CEO & Co-founder, Token Security

If you are a CISO today, agentic AI probably feels familiar in an uncomfortable way. The technology is new, but the pattern is not. Business leaders are pushing hard to deploy AI agents across the organization, while security teams are expected to make it safe without slowing anything down.

That tension has existed before with cloud, SaaS, and DevOps. Each time, identity sat at the center of both the risk and the solution.

Agentic AI is no different. It is not primarily an AI governance problem. It is an identity problem, and CISOs will ultimately own the outcome.

For years, security programs were designed around human identities. Employees and contractors were centralized, roles were defined, access was reviewed, and offboarding was predictable. Machine identities disrupted that model by multiplying rapidly and spreading across clouds, pipelines, and SaaS platforms. Governance lagged, but the core assumptions still held. AI agents break those assumptions entirely.

AI agents represent a new class of identity. They behave with intent like humans, yet operate with the scale and persistence of machines. They are decentralized by default, easy to create, and capable of acting across multiple systems without direct human involvement.

From an identity perspective, this is the most complex combination possible. These agents authenticate, authorize, and take action, but they do not fit cleanly into existing identity models.

AI agents aren't just following instructions, they're taking action.

See how Token Security is helping enterprises redefine access control for the age of Agentic AI, where actions, intent, and accountability must align.

This matters because identity remains the most common root cause of breaches. Credentials are abused. Privileges accumulate. Ownership becomes unclear. Agentic AI amplifies all of these risks at once.

Source: BleepingComputer