SAN FRANCISCO – AI has rapidly shifted from simple chatbots to intelligent systems that take action, use tools, and follow multi-step processes. AI agents are now embedded across the enterprise, driving productivity, accelerating workflows and reducing costs. But they’re also introducing a new class of identity risks.

AI agents require an identity to act. In 2025, enterprises around the globe had 28.6 million active AI agents deployed – a number projected to grow to over 2.2 billion by 2030.

[SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Read more Perspectives here.]

That growth has driven an explosion in identities and is expanding the cyberattack surface just as quickly. Non-human identities (NHIs) don’t operate the same way as human identities, and treating them the same creates risk. They lack clear ownership and they often have a fragmented management process.

Unlike human accounts, NHIs are frequently created on-demand by developers or applications, often without centralized oversight. They also don’t fit into legacy, on-premises privileged access management (PAM) models built to govern human users. That leaves clear gaps for attackers to exploit.

Identity has become the nucleus of the modern digital ecosystem and was a central theme of the Monday afternoon keynote by Cisco’s Jeetu Patel at the RSA Conference (RSAC) in San Francisco.

Patel, Cisco’s president and chief product officer, talked about how AI agents are challenging the foundational assumptions every security architecture was built on. Patel said when identities operate at machine speed and scale, traditional security models break down. AI agents don’t just expand the attack surface, said Patel, they require a new model for establishing trust, granting access, and maintaining ownership.
That risk has already shown up in real-world incidents. A misconfigured Supabase database in Moltbook exposed roughly 1.5 million API authentication tokens just days after the AI agent social network launched.

Researchers from Wiz warned that attackers can use exposed tokens to impersonate or control agents, creating insider risks if those agents had access to internal systems, such as Slack or email. Attackers don’t need to solely attack users – they can hijack the agents, which often outnumber humans 100:1, dramatically expanding the attack surface.

The industry needs a new approach

Many organizations are still applying the same identity practices and technologies used for humans to NHIs, but that approach doesn’t hold up. Modern environments require identity security platforms that are cloud-native and also secure multi-cloud and hybrid infrastructure. Most legacy PAM tools were never designed to manage cloud identities at scale.

Security controls need to reflect how environments actually operate today, delivering practical least-privilege controls, automated rotation and visibility across identities that attackers increasingly target.

As organizations manage service accounts, APIs and automation created by cloud and AI-driven workflows, security teams have to maintain consistent control across every identity type. Access must remain tightly governed as digital environments become more automated.

High-value targets now include service account credentials with broad system access, pipeline tokens tied to source code and deployment systems, as well as API keys that can access critical services.

Data privacy adds another layer of risk. Cisco's 2026 Data Privacy Benchmark Study found that 90% of organizations have expanded their privacy programs to account for AI, yet only 12% describe their AI governance as mature and proactive.

As RSAC goes into full speed, a profound and existential point is clear: An effective identity security platform must broker, monitor and govern identities for not just humans – but also machines, NHIs and AI agents to protect the modern enterprise.

Darren Guccione, co-founder and CEO, Keeper Security

SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.





