Zero-trust security and artificial intelligence are colliding in ways that are fundamentally changing the nature of enterprise identity.

The rise of agentic AI introduces a new class of identity that combines autonomy, broad access and scale, demanding rethinking of traditional frameworks. Organizations are navigating this shift with urgency, as early missteps are already creating real-world security incidents. That urgency underscores why identity governance now sits at the heart of AI readiness, according to David Bradbury (pictured), chief security officer of Okta Inc.

Okta’s David Bradbury talks about the importance of zero-trust security.

“For years we’ve been securing human identities, and in the past few years we’ve started to refocus and start to look at application identities and non-human identities,” Bradbury said. “This year is a pretty big year for welcoming a new entrant into the workforce, which is the autonomous agentic AI agent. When you think about the three different key features of zero trust, the fact that you need a secure identity, you want to be able to implement least privilege, you want to be able to continuously monitor what they’re doing, all three of those elements apply equally to all of those identity types. But specifically when you think about agentic AI, it is absolutely critical to get those things right if you are ever going to manage and govern those things.”

Bradbury spoke with theCUBE’s Rebecca Knight and Jackie McGuire at Okta’s Oktane event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed how zero-trust security is becoming essential to manage the risks of AI agents and protect identities in a rapidly evolving threat landscape. (* Disclosure below.)

Zero-trust security and the risks of AI shortcuts

The pressure to adopt AI has created a climate where companies feel compelled to deploy quickly, often at the expense of safeguards. The boardroom mandate to “do more with AI” has translated into rushed deployments where common missteps surface, Bradbury noted. The most glaring involve reintroducing outdated practices that should have been left behind.

“Sadly, we’ve seen people cutting corners on security,” he said. “We’re using usernames and passwords hard-coded in agents to talk to other services. We’re using static API keys, API keys that have gone the way of the dodo over the past decade. We’ve brought them back to life and we’re putting them in agents.”

Authentication is only one piece of the equation. The proliferation of tokens across dozens of agents and services creates new risks at scale. Without modern approaches to manage and safeguard these tokens, enterprises risk compounding their exposure with every integration. That identity platforms must now help developers secure authentication while containing token sprawl, Bradbury explained.

“Token proliferation is going to be a really big challenge because we’re all going to have dozens of these agents and each agent wants to connect to everything,” he added. “It’s going to pop up and ask you to approve Google Drive access, Slack access, Zoom access, so many different applications it wants to be able to talk to.”

Managing access contexts is another frontier. As AI agents move sensitive data between systems, it becomes critical to distinguish which information should remain isolated and which can be shared. Developers must embrace fine-grained controls to prevent overexposure while maintaining the fluidity that makes these systems valuable, according to Bradbury.

“It’s all about context and MCP the protocol; it’s all about context and passing context around,” he said. “MCP is a pipe; it’s created to allow you to connect to things. It’s not worrying about the content of that pipe and making sure that when I’m pulling from that sensitive system, passing that whole context to the calendar management app may not be the right thing to do.”

The speed of change is unlike anything security teams have faced before, with adversaries innovating in parallel. Phishing attacks, malware leveraging local large language models and pixel-perfect spoofed websites all underscore how quickly tactics evolve. Bradbury’s call to action is clear: The industry must share discoveries openly and collaborate to keep pace.

“Because this is moving so dynamically, it’s moving so quickly, it’s incumbent upon all of us to share this stuff when you see it,” Bradbury explained. “If you are seeing a new novel attack, a new tactic, you need to make sure you get that out in blogs, in Slack groups, in trust groups. Get it out there so that we can consume it and react to it, because everything is moving so fast.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of Okta’s Oktane event:

(* Disclosure: TheCUBE is a paid media partner for Okta’s Oktane event. Neither Okta Inc., the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE