Sep 11 2025
Security

Q&A: CyberArk Security Leader on Why Agentic AI Makes Zero Trust More Important Than Ever

With agentic artificial intelligence comes an increase in machine identities. Here’s what healthcare organizations need to know about securing human and machine identities with zero trust.

Healthcare organizations are exploring the opportunities agentic artificial intelligence tools present to automate aspects of administrative workflows and mitigate burnout. However, agentic AI tools have their own identities that need to be managed to protect patient data and keep the health system secure.

HealthTech spoke with Sitaram Iyer, vice president of emerging technologies for CyberArk, about why the principles of zero trust and a comprehensive identity and access management strategy are key to securing agentic AI tools as their use starts to grow across the healthcare and life sciences industries.

HEALTHTECH: How is AI, especially agentic AI, complicating identity management for organizations?

IYER: Agentic AI, as you can imagine, introduces this notion of autonomous bots and autonomous workloads, the idea being that workloads are spawned automatically by these bots. This makes traditional IAM strategies not really work, because most of these bots are essentially provisioned in such a way that they are autonomous.

They also introduce this notion of behaviors that are driven by what they intend to do, sometimes driven by actions that are very well known and sometimes by actions that are not known at all. Sometimes, it’s completely unpredictable. That introduces challenges around IAM strategies. The traditional identity security controls that you typically use to govern and manage how access is driven don’t really work for these autonomous agents. That’s what agentic AI is doing.

HEALTHTECH: What other threats are making identity management more difficult and are important for organizations to be paying attention to?

IYER: When you talk about what other things drive and make identity more challenging in the enterprise, I think of credential phishing or credential management, stolen credentials, phishing and elevated privilege controls. All of these are making identity management extremely difficult, specifically with AI in the mix.

What really happens is the AI agents typically inherit the controls and the access management aspects of the identity from where it is getting called. This means that when these agents execute on actions, many times they are actually inheriting privileges. That makes it very difficult, because we are overprivileged, which increases the risk of credentials being stolen.

HEALTHTECH: How can zero-trust principles help organizations protect themselves against these threats?

IYER: The basics of zero trust are “never trust, always verify.” So, there are certain principles people should consider when they start to implement a zero-trust architecture within their environment. For a long time, people have looked at zero trust as a very human-centric thing. When they decide they are going to implement a zero-trust architecture, they’re predominately looking at it from a human perspective: what information staff get access to and how they get access to it, ensuring that the organization verifies every time there is an access request that needs to be managed.

That completely changes when you think about AI, because in the context of AI, even though we say trust, but verify, the verification part becomes challenging because you don’t think about how these agents themselves are manifested within an environment. What access controls do they have? What are they really doing in terms of getting access to data and other tasks?

In a zero-trust architecture, you still need to do all the things that you’re doing for humans, but a machine-centric view is also important. At CyberArk, we’ve examined many of our customers and their data, and we’ve learned that the ratio of machine to human identities is somewhere around 82 to 1. That means for every human identity, we are seeing 80-plus machine identities out there in the organization.

That makes implementing a zero-trust architecture difficult, because you have to think about not only providing access but also ensuring that these agents have a very granular level of control. They should have the right kind of visibility in terms of what they’re getting access to so that we have the right audit trails and audit mechanisms built into our processes. Most important, organizations need to continuously evaluate how and what these machine identities are accessing and ensure that they implement behavior-based identity as opposed to just the static controls that you typically see in an organization.

HEALTHTECH: Do you have any advice for organizations looking to implement a zero-trust strategy?

IYER: Always look at implementing a zero-trust architecture as a journey. There is no one-click button that says, “Click this, and you have zero trust enabled.” That doesn’t happen anywhere in an organization.

The first step of any implementation around zero trust involves gaining the right kind of visibility, because you need a comprehensive list of identities and you need to know whether they are human or machine, what they have access to, what they are doing, what controls are in place today, and what the current state is of all the identities and accesses that are built around them. That is typically the first step: Build an inventory, gain visibility and then start to understand whether these identities have more access than they are intended to have.

Then, decide how to provide granular access to these identities, whether it is identities that are service accounts — which are extremely overprivileged — or API keys that can do anything and everything if their credentials are stolen due to not being very well secured and protected. These are all the things that you have to start to build an inventory of once you have the visibility in place.

The next step would be to build a plan around how to take these identities that you have visibility into and map them to ownership. Map the identities to what applications they are tied to and to what business units they’re tied to, then start to think about how to have a continuous security model built into it.

Now that you’ve found thousands of service accounts, API keys and workload identities, how do you manage all these identities and ensure that they have the level of access that they need to perform the action that they’re intended to perform? And once that action is performed, how do you take away the privilege controls to ensure that there is only a certain level of access built into those agents?

In the world of AI — and especially agentic AI — you can extrapolate that knowing the number of identities that exist and the need for zero trust is more important than it has ever been.

HEALTHTECH: Are there any common pitfalls organizations should avoid when it comes to identity management and zero trust?

IYER: From my perspective, common pitfalls include trying to look at both humans and machines in the same way. That’s what I see happening within many organizations. They believe they have a zero-trust strategy and that they can apply it as a blanket strategy for the organization. You can’t have the same kind of access control policies and governance models built into the organization’s security platform in the same way.

That’s one pitfall that people have to consider. Another one is around visibility. People want to implement a zero-trust architecture but don’t consider the fact that they don’t have an absolute inventory. They don’t know who owns which identities. Building that as a first step is super important, especially when you think about why and how you want to deal with these identities.

The third pitfall is considering zero trust a one-time claim. You should be continuously learning from it. This means that you should have a system in place where you look specifically at the agentic AI identities that are tied to your workloads and map them to other workloads those workloads can access. You have a workload that accesses another workload, and this workload could be within your own data center or in the cloud provider’s environment.

Having the right level of access controls at that time will ensure that you start to model that as a way to say, “Next time we implement a new application, we already have a practice in place for how we can implement a zero-trust architecture around these workloads.”

HEALTHTECH: Is there anything you want to add?

IYER: Identity is the new security perimeter. Everything starts with an identity, whether it is for workloads that are being accessed by humans or machines. It’s important for everybody to think about why identity plays a huge role in controls, governance, audit policies and everything else driven by an identity-centric view. That will help bridge the organization’s current state with how you want it to grow, because the number of agentic AI identities is going to grow exponentially.

Treating everything in your organization from an identity-centric point of view will give you a great way to leverage how you want to put policy controls and governance in place. At CyberArk, we talk about identity security as the backbone of everything that organizations need to do. I think that, from that perspective, whether it is human identities, machine identities, workload identities or whether you are looking to federate access from one workload to another, having a fabric of identity security will help protect your organization.
