CISOs navigate AI risks: For enterprises, the launch reflects a broader industry shift toward identity-centric cybersecurity models as organizations deploy generative AI tools, autonomous agents, and cloud-native applications at scale.Analysts say the growing number of non-human identities is creating operational and security challenges because many existing identity systems were originally built to manage employees and IT administrators rather than AI agents and automated services.”A self-contained AI agent can engage with systems, initiate processes, and make decisions without any form of human validation. This presents a much bigger threat surface. Current technologies that help manage this issue address only some aspects of the problem, many having been built without the intent of handling machine speed, highly dynamic environments,” said Devroop Dhar, co-founder and CEO at Primus Partners.As identity, cloud security, artificial intelligence governance, and SOC workflows continue to converge, organizations will find themselves becoming more and more reliant on one particular ecosystem, Dhar said. The advantage here is ease of operation, a consolidated view, and greater integration.The downside is less flexibility over time. Breaking away from the system at a later date may prove challenging since identity management procedures and other processes will be woven deeply into business operations. In the coming years, CISOs will favour ecosystems that support open architectures, Dhar noted.Analysts also caution that none of the platforms eliminates the need for multilayered security. Organizations will need to maintain good identity hygiene practices, implement least privilege, utilize MFA, rotate credentials, and conduct constant monitoring.”Another aspect to address relates to agent governance. There must be a clear understanding of what assets can be accessed by agents, under what circumstances human intervention is required, and how agent activities are monitored,” said Dhar.Enterprises must invest in prompt filtering systems to prevent prompt injection attacks, which currently stand as the largest vulnerability in AI systems, Jaju said. “They should also engage in continuous adversarial testing and agentic red teaming before deploying any autonomous system into a production environment.”
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4170761/palo-alto-bets-on-identity-security-for-autonomous-ai-with-idira-launch.html
