A key bottleneck preventing AI agents from performing meaningful tasks is the lack of secure access to user credentials. Companies like 1Password are building a foundational "trust layer" that allows users to authorize agents on-demand while maintaining end-to-end encryption. This secure credentialing infrastructure is a critical unlock for the entire agentic AI economy.
Related Insights
For CISOs adopting agentic AI, the most practical first step is to frame it as an insider risk problem. This involves assigning agents persistent identities (like Slack or email accounts) and applying rigorous access control and privilege management, similar to onboarding a human employee.
Managing human identities is already complex, but the rise of AI agents communicating with systems will multiply this challenge exponentially. Organizations must prepare for managing thousands of "machine identities" with granular permissions, making robust identity management a critical prerequisite for the AI era.
Vercel is building infrastructure based on a threat model where developers cannot be trusted to handle security correctly. By extracting critical functions like authentication and data access from the application code, the platform can enforce security regardless of the quality or origin (human or AI) of the app's code.
An AI agent capable of operating across all SaaS platforms holds the keys to the entire company's data. If this "super agent" is hacked, every piece of data could be leaked. The solution is to merge the agent's permissions with the human user's permissions, creating a limited and secure operational scope.
The core drive of an AI agent is to be helpful, which can lead it to bypass security protocols to fulfill a user's request. This makes the agent an inherent risk. The solution is a philosophical shift: treat all agents as untrusted and build human-controlled boundaries and infrastructure to enforce their limits.
Web inventor Tim Berners-Lee argues that for AI to genuinely help manage your life, it needs secure access to your personal data in a "wallet," not just the public web. This enables a new class of user-centric applications that work for the individual.
Security's focus shifted from physical (bodyguards) to digital (cybersecurity) with the internet. As AI agents become primary economic actors, security must undergo a similar fundamental reinvention. The core business value may be the same (like Blockbuster vs. Netflix), but the security architecture must be rebuilt from first principles.
The CEO of WorkOS describes AI agents as 'crazy hyperactive interns' that can access all systems and wreak havoc at machine speed. This makes agent-specific security—focusing on authentication, permissions, and safeguards against prompt injection—a massive and urgent challenge for the industry.
While sophisticated AI attacks are emerging, the vast majority of breaches will continue to exploit poor security fundamentals. Companies that haven't mastered basics like rotating static credentials are far more vulnerable. Focusing on core identity hygiene is the best way to future-proof against any attack, AI-driven or not.
The excitement around AI capabilities often masks the real hurdle to enterprise adoption: infrastructure. Success is not determined by the model's sophistication, but by first solving foundational problems of security, cost control, and data integration. This requires a shift from an application-centric to an infrastructure-first mindset.