Event Recap: AI Agent Identity Security: Governing Autonomous Access Across the Enterprise
New York City, New York | Butter | April 30th, 2026
Moderator & Panel
Oded Hareven
Akeyless
Quiessence Phillips
Kroll
Nader Nassar
Capital One
Jimmy Kaw
Amazon Web Services
Pradeep Jeyachandran
Bill
Executive Summary
Enterprises are advancing from early AI experimentation into controlled deployment, but progress remains uneven across industries. Most organizations are still in exploratory or early production phases, prioritizing internal efficiency gains, low-risk use cases, and selective automation. Heavily regulated sectors are progressing more cautiously, balancing innovation with governance, compliance, and risk management requirements. Across industries, the immediate focus is less on transformation and more on understanding how AI fits within existing operational and security frameworks.
As adoption accelerates, the nature of risk is shifting. Initial concerns centered on securing human interaction with AI systems, but attention is now moving toward securing autonomous actions taken by agents. These systems operate at machine speed, often in non-deterministic ways, introducing challenges that traditional governance, identity, and logging frameworks were not designed to address. Runtime decision-making, dynamic authorization, and continuous validation are becoming essential as enterprises move toward agent-driven workflows.
At the same time, organizations are struggling to quantify value. While efficiency gains are widely reported, few have established reliable baselines or frameworks to measure ROI. This is compounded by the emergence of token-based cost models and the rapid proliferation of AI agents, which can scale faster than governance structures. The result is a growing need for disciplined frameworks that balance experimentation with control, enabling organizations to scale AI responsibly without introducing systemic risk.
Key Themes
Key Themes
-
Early-stage adoption with uneven maturity.
Most enterprises remain in experimental phases, prioritizing internal productivity and low-risk use cases rather than full-scale transformation. -
Shift from human-to-AI security to agent-to-system security.
Risk focus is moving toward securing autonomous agent actions and their interactions with enterprise systems. -
Runtime governance as a new requirement.
Traditional design-time controls are insufficient, requiring real-time enforcement of security, authorization, and validation. -
Lack of clear ROI measurement frameworks.
Many organizations struggle to quantify value due to missing baselines, inconsistent metrics, and difficulty translating efficiency gains into financial outcomes. -
Rapid proliferation of agents and operational complexity.
The number of AI agents is scaling quickly, creating challenges in visibility, governance, and user adoption.
Actionable Takeaways for Enterprise Leaders
Actionable Takeaways for Enterprise Leaders
-
Prioritize governance before scaling high-risk use cases.
Deploy AI in low-risk, internal workflows first while building governance models for broader adoption. -
Implement runtime authorization and validation controls.
Shift from static, design-time policies to dynamic, session-based authorization and continuous validation of actions. -
Adopt a layered security model for AI systems.
Structure governance across data, identity, and control layers to simplify risk management and enforcement. -
Establish baselines for process performance.
Measure current task duration, cost, and output quality before introducing AI to enable meaningful ROI evaluation. -
Frame AI value in terms of business outcomes.
Move beyond time savings and define how AI contributes to revenue growth, risk reduction, or competitive advantage. -
Use sandbox and staged deployment models for agents.
Enable experimentation in isolated environments before promoting validated solutions to production. -
Control agent sprawl through centralized visibility.
Track and categorize agents to prevent duplication, unmanaged growth, and user confusion. -
Enforce just-in-time access and ephemeral credentials.
Reduce risk by limiting access duration and scope for both users and AI agents. -
Prepare for emerging agent-based threat models.
Anticipate misuse, unintended actions, and AI-driven security risks, and design controls accordingly. -
Align security as an enabler, not a blocker.
Embed controls into workflows so security supports innovation rather than slowing adoption.
Sponsors
Trusted by Global 2000 enterprises and industry leaders, Akeyless is redefining identity security for the AI era. The company’s Identity Security Platform delivers comprehensive protection for machines, AI agents, and human identities through a single, cloud-native solution. Backed by leading cybersecurity investors including JVP, Team8, NGP Capital, and Deutsche Bank, Akeyless enables organizations to eliminate standing privileges and static credentials while simplifying identity management across all environments. For more information, visit www.akeyless.io.
Since 2006, Amazon Web Services has been the world’s most comprehensive and broadly adopted cloud. AWS has been continually expanding its services to support virtually any workload, and it now has more than 240 fully featured services for compute, storage, databases, networking, analytics, machine learning and artificial intelligence (AI), Internet of Things (IoT), mobile, security, hybrid, media, and application development, deployment, and management from 108 Availability Zones within 34 geographic regions, with announced plans for 18 more Availability Zones and six more AWS Regions in Mexico, New Zealand, the Kingdom of Saudi Arabia, Taiwan, Thailand, and the AWS European Sovereign Cloud. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—trust AWS to power their infrastructure, become more agile, and lower costs. To learn more about AWS, visit aws.amazon.com.