FEATURE
Each machine or agent requires its own identity and CyberArk research shows that machine identities already outnumber human ones by 82 to 1.
There are also concerns around AI bias and transparency. Models are only as reliable as the data they are trained on. If that data is biased then risk scoring user classification and access decisions will reflect those flaws. With agentic AI often operating as a black box misclassifications may only become visible after a serious failure or ethical issue emerges.
Integration remains another obstacle. Many organisations are introducing AI-based tools while still relying on legacy systems never designed for this level of automation. As a result teams often lack clear playbooks for aligning AI-driven operations with existing security and compliance frameworks.
As AI accelerates machine identity growth zero trust becomes even more critical. Its core principle of“ always verify never trust” must now apply equally to human and machine identities.
AI-powered machine identity security strengthens zero trust by enabling continuous contextual validation. Policies no longer need to be static. Behaviour-based rules can be adjusted in real time based on context and intent.
This approach supports just-in-time access and zero standing privileges where permissions are granted only when needed and removed immediately afterwards. The result is a reduced attack surface and lower risk of credential misuse.
Looking ahead security teams must adapt to a world where autonomous systems create and manage identities independently. AI tools are not a replacement for Security Operations Centre analysts but they can enhance pattern recognition and monitoring at scale.
A promising shift is emerging towards intentbased security. Rather than focusing solely on infrastructure protection organisations are beginning to assess the purpose and behaviour of agents themselves.
This requires a unified source of truth for autonomous entities similar to a configuration management database. From there
26
INTELLIGENT CIO APAC www. intelligentcio. com