Get your free personalized podcast brief
We scan new podcasts and send you the top 5 insights daily.
Todd McKinnon conceptualizes AI agents not as simple tools but as a fundamentally new identity category. This identity possesses attributes of both a human user (roles, permissions) and a system (automation, being headless). This reframing is central to building the next generation of enterprise security and access management.
Related Insights
The defining characteristic of an enterprise AI agent isn't its intelligence, but its specific, auditable permissions to perform tasks. This reframes the challenge from managing AI 'thinking' to governing AI 'actions' through trackable access controls, similar to how traditional APIs are managed and monitored.
According to Okta's CEO, the most valuable application for AI agents in the enterprise will be orchestrating complex processes that span multiple software silos (e.g., Salesforce, SAP, Content Management). This is a task that has historically been difficult to automate with packaged software and required human intervention, representing a massive new opportunity.
For CISOs adopting agentic AI, the most practical first step is to frame it as an insider risk problem. This involves assigning agents persistent identities (like Slack or email accounts) and applying rigorous access control and privilege management, similar to onboarding a human employee.
Simply giving an agent a user account is dangerous. An agent creator is liable for its actions, and the agent has no right to privacy. This requires a new identity and access management (IAM) paradigm, distinct from human user accounts, to manage liability and oversight.
As AI evolves from single-task tools to autonomous agents, the human role transforms. Instead of simply using AI, professionals will need to manage and oversee multiple AI agents, ensuring their actions are safe, ethical, and aligned with business goals, acting as a critical control layer.
Traditional identity models like SAML and OAuth are insufficient for agents. Agent access must be hyper-ephemeral and contextual, granted dynamically based on a specific task. Instead of static roles, agents need temporary permissions to access specific resources only for the duration of an approved task.
Managing human identities is already complex, but the rise of AI agents communicating with systems will multiply this challenge exponentially. Organizations must prepare for managing thousands of "machine identities" with granular permissions, making robust identity management a critical prerequisite for the AI era.
A single AI agent can provide personalized and secure responses by dynamically adopting the data access permissions of the person querying it. This ensures users only see data they are authorized to view, maintaining granular governance without separate agent instances.
The CEO of WorkOS describes AI agents as 'crazy hyperactive interns' that can access all systems and wreak havoc at machine speed. This makes agent-specific security—focusing on authentication, permissions, and safeguards against prompt injection—a massive and urgent challenge for the industry.
Instead of focusing solely on defending its core business, Okta sees the primary AI opportunity in a new market for managing AI agent identities. CEO Todd McKinnon believes this "agent layer" could become the single largest category in cybersecurity, a market currently worth over $280 billion.