Identity in the Agentic AI age
Thoughts from an Identity Industry Veteran
The landscape of digital identity has undergone a dramatic transformation over the past two decades. What began as simple username-password combinations has evolved into a sophisticated, critical component of cybersecurity infrastructure. In a recent conversation, identity security expert Mohit Vaish, CEO of CyberSolve, shared insights with Neha Garg about how identity management has become the cornerstone of modern security architecture—and what the future holds as AI agents enter the equation.
The Evolution of Digital Identity: More Than Just Credentials
From Backend Data to Security's Front Line
According to Vaish, identity has progressed far beyond its original function as a backend authentication mechanism. "Identity has evolved significantly over the past two decades, moving from being merely IDs and passwords to a fundamental representation of individuals in the digital world," he explains.
This evolution can be understood in three key phases:
Phase 1: Basic Authentication – Identity served primarily as a gatekeeping function with simple credential verification.
Phase 2: Control Plane – Identity became a control mechanism for digital interactions, governing what users could access and do within systems.
Phase 3: Security Foundation – Today, identity has transformed into the core element of security architecture itself.
Garg emphasized the significance of this shift, noting how bold it is to position identity not as a component of security, but as security itself. This perspective fundamentally changes how organizations approach their security posture.
Identity-Centric Detection: Beyond the Perimeter
Debunking the "New Perimeter" Myth
While the phrase "identity is the new perimeter" has become popular in cybersecurity circles, Vaish argues this terminology is misleading. Instead, he advocates for "identity-centric detection and response" as the more accurate framework.
Using an airport passport analogy, Vaish clarifies: "A passport enables trusted movement but is not the border itself. Similarly, identity facilitates secure interactions but is not the perimeter in isolation."
This distinction matters because it shifts focus from static boundary protection to dynamic threat detection and response centered on identity behavior.
The Reality of Identity-Based Attacks
Garg reinforces this perspective by highlighting a critical statistic: the majority of modern cyberattacks originate from compromised or stolen identities. This reality underscores why organizations need comprehensive identity detection and response strategies rather than treating identity as just another security layer.
Solving the Identity Telemetry Noise Problem
Understanding the Root Cause
One of the most persistent challenges facing security teams is the overwhelming volume of alerts and noise generated by identity monitoring systems. Vaish identifies the fundamental issue: organizations are conceptualizing identity incorrectly.
The Airport Security Analogy
Vaish draws a compelling parallel to airport security evolution: "Modern systems detect identities first and then focus on their movement, which effectively reduces noise compared to older systems that focused on changes in pixels."
Traditional security approaches generate alerts based on every change or anomaly in system behavior—similar to monitoring every pixel change on a security camera. In contrast, identity-first approaches:
- Establish who or what is performing an action
- Baseline normal behavior for that identity
- Focus detection on meaningful deviations from established patterns
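The three steps above can be sketched as detection logic. This is an added example, not code from the interview or from any product it mentions; the event tuples, identity names and the `change_alerts` comparison (a simplified stand-in for change-based alerting) are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample telemetry as (identity, action, resource); not real log data.
HISTORY = [
    ("alice", "read", "crm"), ("alice", "write", "crm"),
    ("svc-backup", "read", "db"), ("svc-backup", "read", "fileshare"),
    ("agent-7", "read", "tickets"), ("agent-7", "write", "tickets"),
]
INCOMING = [
    ("alice", "write", "crm"),        # routine for alice
    ("svc-backup", "read", "db"),     # routine for the backup account
    ("agent-7", "write", "tickets"),  # routine for the agent
    ("agent-7", "read", "payroll"),   # agent touches a resource it never used
    ("svc-backup", "delete", "db"),   # backup account performs a new action
    ("mallory", "read", "crm"),       # identity with no baseline at all
]

def build_baseline(events):
    """Key the telemetry on identity and record each identity's normal behavior."""
    baseline = defaultdict(set)
    for identity, action, resource in events:
        baseline[identity].add((action, resource))
    return dict(baseline)

def detect(baseline, events):
    """Alert only when an identity deviates from its own baseline."""
    alerts = []
    for identity, action, resource in events:
        if identity not in baseline:
            reason = "unknown identity"
        elif (action, resource) not in baseline[identity]:
            reason = "new behavior for this identity"
        else:
            continue  # matches the identity's baseline: no alert
        alerts.append((identity, action, resource, reason))
    return alerts

def change_alerts(events):
    """Identity-blind comparison: alert on every state-changing event."""
    return [e for e in events if e[1] in ("write", "delete")]

if __name__ == "__main__":
    for alert in detect(build_baseline(HISTORY), INCOMING):
        print(alert)
```

On this sample the change-based rule raises three alerts, two of them for routine writes, while the identity-first rule raises three alerts that are all deviations, including a read by an identity with no baseline.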
Moving Beyond Bolt-On Solutions
The key to reducing identity-related noise lies in fundamentally rethinking how organizations identify and track entities within their environments. Technologies that can accomplish this move away from bolt-on approaches, where identity monitoring is simply added to existing security systems, toward integrated, identity-native architectures.
Identity in the Age of AI Agents: New Frontiers and Challenges
The AI Agent Multiplier Effect
As organizations increasingly deploy AI agents to act on behalf of humans, a new dimension of identity complexity emerges. Vaish explains that these agents create a multiplier effect on the attack surface while introducing unpredictable attack vectors.
A New Identity Model for Digital Delegates
Vaish proposes a comprehensive identity framework specifically designed for AI agents, which he calls "digital delegates." This model addresses several unique threat categories:
Agent Impersonation – Malicious actors creating fake agents or hijacking legitimate ones to bypass security controls.
Prompt Poisoning – Manipulating the instructions given to AI agents to alter their behavior in harmful ways.
Delegation Hijacks – Intercepting or redirecting the authority delegated from humans to their AI agents.
Cross-Agent Manipulation – Exploiting interactions between multiple agents to compromise systems laterally.
The Cascading Risk Factor
Garg highlights a particularly concerning aspect of AI agent security: inheritance of user capabilities. When large language models (LLMs) and AI agents inherit the full permissions of their human users, a single compromised user identity can have cascading effects throughout the entire agent network.
This reality makes managing and limiting the controls granted to AI agents not just important, but critical to organizational security.
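To make the difference between full inheritance and limited delegation concrete, the following added example (not from the interview) compares the two models. The `Delegation` record, the permission strings, the agent names and the fixed clock value are all hypothetical.

```python
from dataclasses import dataclass

# Constructed permissions and grants for illustration; all names are hypothetical.
USER_PERMS = {"alice": {"crm:read", "crm:write", "payroll:read", "admin:users"}}
NOW = 1_000  # fixed clock value so the example is deterministic

@dataclass(frozen=True)
class Delegation:
    agent: str
    user: str
    scope: frozenset    # permissions the user chose to hand to this agent
    expires_at: int     # the grant is dead at or after this time

DELEGATIONS = [
    Delegation("agent-mail", "alice", frozenset({"crm:read"}), 2_000),
    # This scope asks for billing:write, which alice does not hold.
    Delegation("agent-report", "alice",
               frozenset({"payroll:read", "billing:write"}), 2_000),
    Delegation("agent-old", "alice", frozenset({"admin:users"}), 500),  # expired
]

def inherited_perms(d, now, revoked=frozenset()):
    """Inheritance model: the agent holds everything its user holds."""
    return set() if d.user in revoked else set(USER_PERMS.get(d.user, ()))

def scoped_perms(d, now, revoked=frozenset()):
    """Scoped model: user permissions intersected with the grant, while it is live."""
    if d.user in revoked or now >= d.expires_at:
        return set()
    return USER_PERMS.get(d.user, set()) & d.scope

def agent_reach(delegations, model, now, revoked=frozenset()):
    """Per-agent effective permissions under the chosen model."""
    return {d.agent: model(d, now, revoked) for d in delegations}

def exposure(delegations, model, now, revoked=frozenset()):
    """Union of what all agents can do: the reach of whoever controls them."""
    return set().union(*agent_reach(delegations, model, now, revoked).values())

if __name__ == "__main__":
    print("inherited:", sorted(exposure(DELEGATIONS, inherited_perms, NOW)))
    print("scoped:   ", sorted(exposure(DELEGATIONS, scoped_perms, NOW)))
```

Under inheritance every agent, including the expired one, carries all four of the user's permissions; under scoped delegation the combined exposure is two permissions, and an agent can never exceed what its user holds.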
The Future of Identity Management: Intent-Driven Defense
Vision for 5-10 Years Ahead
Looking toward the future, Vaish envisions a convergence of detection, response, and identification into what he calls "identity-intent-driven defense." This approach represents a fundamental shift in how organizations think about identity security.
Key Components of Future Identity Systems
Continuous Trust Scoring – Real-time assessment of identity trustworthiness based on multiple factors and behaviors.
Behavior Baselining – Establishing normal patterns based on transactional activities rather than static rules.
Automated Response Loops – Systems capable of quarantining risky identities proactively, before breaches occur, rather than responding after the fact.
From IAM to Intent and Action Management
Perhaps most significantly, Vaish suggests reframing "Identity and Access Management" (IAM) as "Intent and Action Management." This linguistic and conceptual shift emphasizes:
- Continuous monitoring rather than point-in-time verification
- Behavioral aspects of identities over static attributes
- Understanding the "why" behind actions, not just the "what" and "who"
This evolution reflects a more dynamic, context-aware approach to identity security that aligns with the complexity of modern digital environments.
Preparing IAM Systems for the AI Agent Era
The Dual Nature of AI Agents
When asked how organizations should prepare their IAM systems for AI agents, Vaish recommends analyzing these entities through two complementary lenses:
AI Agents as Quasi-Humans:
- Permission assignment and management
- Least privilege principles
- Separation of duties
- Behavior monitoring and anomaly detection
AI Agents as Software Systems:
- Secrets management
- Integration with Privileged Access Management (PAM)
- Explainability requirements
- Robust logging and audit trails
Proficiency and Role-Based Management
Vaish confirms that organizations can and should assign proficiency levels and roles to AI agents, similar to human user management. This approach enables:
- Granular control over agent capabilities
- Clear accountability for agent actions
- Scalable management as agent populations grow
- Risk-appropriate access provisioning
Key Takeaways for Organizations
As identity continues its evolution from simple authentication to the foundation of security architecture, organizations should consider:
- Adopt Identity-Centric Thinking – Position identity as the core of your security strategy, not merely a component.
- Focus on Behavior, Not Just Access – Implement systems that understand normal identity behavior and detect meaningful deviations.
- Prepare for AI Agent Identity – Develop frameworks now for managing the unique identity challenges posed by AI agents and digital delegates.
- Reduce Noise Through Better Architecture – Invest in identity-first security architectures rather than bolting identity monitoring onto existing systems.
- Think Intent, Not Just Access – Shift from managing what identities can access to understanding and governing what they intend to do.
Conclusion
The evolution of digital identity from simple credentials to the cornerstone of cybersecurity represents one of the most significant shifts in information security. As Mohit Vaish's insights reveal, this transformation is far from complete. With AI agents introducing new complexities and attack surfaces, the future of identity management lies in intent-driven defense, continuous trust assessment, and behavioral understanding.
Organizations that grasp this evolution and prepare accordingly will be better positioned to secure their digital environments in an increasingly complex threat landscape. The question is no longer whether identity is important to security—it's how quickly organizations can embrace identity as security itself.