Security Weekly
Full episode and show notes

The Human Authorized. The Agent Acted. Who’s Accountable? – Howard Ting – IDV26 #1

A self-driving car still has a license plate The accountability didn’t change just because the driver did. The same has to be true for AI agents, but most environments can’t trace an agent action back through the layers of delegation to the human who authorized it. Howard Ting, CEO of Opal Security, joins Security Weekly to discuss what the accountability model looks like when employees run swarms of agents, and what has to be in place before that accountability chain is tested. Segment Resources: The State of IGA in 2026 Report: What teams are doing to prepare for Agentic AI https://www.opal.dev/resource-center/identity-governance-report-2026-ai-access. Real World Guide to Implementing Leas...

This episode is sponsored by
Full Segment Notes

A self-driving car still has a license plate The accountability didn't change just because the driver did. The same has to be true for AI agents, but most environments can't trace an agent action back through the layers of delegation to the human who authorized it. Howard Ting, CEO of Opal Security, joins Security Weekly to discuss what the accountability model looks like when employees run swarms of agents, and what has to be in place before that accountability chain is tested.

Segment Resources:

The State of IGA in 2026 Report: What teams are doing to prepare for Agentic AI https://www.opal.dev/resource-center/identity-governance-report-2026-ai-access

Real World Guide to Implementing Least Privilege: https://www.opal.dev/resource-center/real-world-guide-to-least-privilege

How Mercari’s Security Team is Building Guardrails for the AI Era https://www.opal.dev/blog/customer-voices-mercari

Identity Security and the AI Adoption Maturity Curve https://www.opal.dev/blog/identity-security-ai-adoption-curve

Claude Skill for UAR: https://github.com/opalsecurity/claude-skills

This segment is sponsored by Opal Security. Visit https://securityweekly.com/opalidv to learn more about them!

Key Moments
  • 0:00 - Introduction – Identiverse 2026 & Guest Introduction (Howard Ting, Opal Security)
  • 0:21 - AI and Agents Take Center Stage in Identity Security
  • 0:48 - Governing Human vs Non-Human Identities at Scale
  • 01:36 - What’s Different About AI Agents vs Service Accounts
  • 02:04 - Autonomy, Accountability, and Limits of Human-in-the-Loop Models
  • 03:05 - When Human Approval Breaks Down at Scale
  • 04:09 - Runtime Authorization and Continuous Access Decisions
  • 04:51 - Why Identity Needs AI to Manage AI
  • 05:52 - AI-Assisted Access Reviews and Reducing Review Fatigue
  • 06:52 - From Bulk Approvals to Risk-Based Human Judgment
  • 07:26 - Entitlement Models for AI Agents and Future Directions
  • 08:31 - CISO Reality: Discovery First, Control Later
  • 09:12 - Identity Inventory Challenges Repeating in the AI Era
  • 10:28 - Agent Drift, Intent, and Security Guardrails
  • 11:10 - Closing Thoughts – Early Market, Rapid Evolution
Guest
CEO at Opal Security

Howard Ting is the CEO of Opal Security, where he leads the company’s mission to make identity governance and access management understandable, safe, and scalable in the AI era. He began his career at RSA Security over 25 years ago, working on identity management long before it was a mainstream priority, and has since built and led cybersecurity companies including Palo Alto Networks and Cyberhaven, where he served as CEO for five years and grew the company to over $1 billion in valuation.

Howard brings deep expertise at the intersection of AI and identity—specifically how organizations must govern not just human access but the growing swarms of AI agents operating on their behalf. He holds a B.S. in Business Administration from the University of California, Berkeley.

Show More

Stay in the Know, No Smoke and Mirrors – Join Our Newsletter

Get expert insights and technical breakdowns straight to your inbox.
Join Now

You can skip this ad in 5 seconds