Security Challenges Posed by AI Agents and the Need for AI-Driven Security Tools

The video features Frank Vukovitz, Chief Security Scientist at Delinea, discussing the security challenges posed by AI agents as a distinct category of non-human identities. AI agents operate autonomously, communicate with other agents, and function 24/7 at high speed, complicating access control and authorization due to their dynamic intent and potential for unintended actions. Traditional identity governance models—designed for humans or static machine identities—struggle to manage agents, which may alter their own behavior or be manipulated via prompt injection, creating insider-like threats. By 2027 or 2028, IDC projects 1.3 billion AI agents will exist, necessitating AI-driven security tools to monitor their activities in real time, as manual oversight is infeasible. The conversation highlights "shadow AI"—unauthorized or unmonitored agents embedded in enterprise software—and emphasizes the need for discovery, least-privilege access, and continuous monitoring to mitigate risks. Vukovitz argues that while AI agents expand the attack surface, AI-powered security solutions will ultimately improve defenses by enabling faster detection and response. The discussion also touches on parallels with past technological shifts (e.g., BYOD, GDPR) and the importance of integrating people, process, and technology to govern AI securely.