AI agents pose new security risks

AI agents are rewriting security policies and bypassing traditional identity and access management (IAM) systems, creating significant security vulnerabilities. Unlike human users, agents operate at machine speed and scale, lacking human judgment and making existing IAM tools insufficient. Companies are struggling to govern these new identities, which often clone human accounts, leading to permission sprawl and undetected malicious activity. Experts emphasize the need for action-level control and improved logging to distinguish agent behavior from human actions, urging a shift towards agent-specific identity frameworks and maturity models to manage these evolving risks.