The AI Employee Without An Exit Interview


Ariel Zamir is Co-Founder & CEO of Ray Security.


Organizations have spent decades refining how they onboard and offboard employees. When someone joins a company, IT provisions accounts, assigns permissions and grants access to the systems they need. When that person leaves, a formal process kicks in: Accounts are disabled, credentials are revoked and integrations are removed.

When an AI agent is abandoned, replaced or simply forgotten, none of that typically happens.

The Identity Life Cycle Gap In The Agentic Era

Enterprises are deploying AI agents at a pace that their security and governance functions were not built to absorb. These systems connect to email platforms, CRM tools, cloud storage, internal knowledge bases and collaboration environments. They automate repetitive work, accelerate analysis and handle operational tasks that used to require human involvement. The business case is easy to make. The governance case is far harder to execute.

According to Gartner, by 2026, 40% of enterprise applications will feature embedded AI agents, up from less than 5% in early 2025. That is not a gradual shift but a structural change in how enterprises operate, and most identity and access management frameworks were not designed for it.

The problem is not that AI agents are inherently dangerous. The more common risk is mundane:

• Legitimate access that persists long after its original purpose has ended

• An AI assistant connected to a CRM during a pilot that was never formally concluded

• An orchestration tool with inherited permissions from the employee who configured it, who has since left the company

In many organizations, no one is actively monitoring whether that access still makes sense.

This is a version of a problem security teams already know well. Excessive identities and forgotten integrations create hidden security risks. AI agents introduce the same issue at a different scale and with a different character. Unlike a static application, an AI agent may interact across multiple systems dynamically, retrieve and process sensitive information and take actions without a human initiating each step. A forgotten integration is passive. A forgotten AI agent may not be.

The pace of experimentation makes this worse. Teams regularly spin up new tools, test vendors and build automations. Workflows evolve quickly. Projects are deprioritized or replaced. Access permissions, however, are rarely revisited at the same speed. Broad access gets granted because it is operationally easier than continuously scoping permissions as usage changes. The result is an expanding surface area of nonhuman identities whose actual activity no longer matches their granted privileges.

Traditional identity governance was built around human users and relatively stable enterprise applications. It assumed identities were persistent, visible and attached to people who could be held accountable. AI agents challenge each of those assumptions. They can be deployed in minutes, be modified continuously and operate across multiple environments simultaneously. They do not appear in org charts. They do not badge into buildings. And unlike employees, many of them will never receive an exit interview.

Getting this under control requires moving on three fronts:

1. Visibility

Organizations cannot govern what they cannot see. Security and IT teams need a current, accurate inventory of which AI agents exist, what systems they are connected to, what data they can access and whether that access was intentional or inherited. In most enterprises today, that inventory does not exist.

2. Life Cycle Discipline

AI agents should be subject to the same provisioning and deprovisioning logic applied to human identities. That means defining ownership at the point of deployment, building in periodic access reviews and establishing a clear process for retiring agents when the use case they were built for no longer applies. Access that is not actively maintained should not persist by default.

3. Moving Away From Static Permissions

The broader direction for identity governance needs to shift toward models that evaluate access based on actual behavior and usage, not on what was granted at the point of setup. An agent that has not accessed a system in 90 days probably should not retain full permissions to it. Continuous evaluation, rather than periodic audits, is where this needs to go.
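One way to turn the three fronts above (an inventory, an accountable owner per agent, and usage-based evaluation with the 90-day threshold) into a concrete review pass. This is an added Python example, not code from the article or from any product; the data class, its field names and the sample agents are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import date, timedelta

STALE_AFTER = timedelta(days=90)  # the article's threshold for unused access

@dataclass
class AgentIdentity:
    name: str
    owner: "str | None"           # accountable human, None if never assigned
    grants: dict                  # system -> permission granted at setup
    last_used: dict               # system -> date of last observed access
    status: str = "active"        # "active", "pilot" or "retired"

def review_agent(agent, active_staff, today):
    """Return the lifecycle findings for one nonhuman identity."""
    findings = []
    if agent.owner is None:
        findings.append("no accountable owner recorded at deployment")
    elif agent.owner not in active_staff:
        findings.append(f"owner '{agent.owner}' has left; access is inherited")
    if agent.status == "pilot":
        findings.append("pilot connection never formally concluded")
    for system, level in agent.grants.items():
        last = agent.last_used.get(system)
        if last is None:
            findings.append(f"{system}: '{level}' granted but never used")
        elif today - last > STALE_AFTER:
            findings.append(f"{system}: '{level}' unused for {(today - last).days} days")
    return findings

def review_inventory(agents, active_staff, today):
    """Map each agent with at least one finding to its list of findings."""
    return {a.name: f for a in agents if (f := review_agent(a, active_staff, today))}

# Constructed sample inventory (not real data): four agents, two current employees.
TODAY = date(2025, 6, 30)
ACTIVE_STAFF = {"alice", "bob"}
AGENTS = [
    AgentIdentity("sales-assistant", "alice", {"crm": "read-write"},
                  {"crm": date(2025, 6, 28)}, status="pilot"),
    AgentIdentity("ops-orchestrator", "carol", {"email": "send", "storage": "admin"},
                  {"email": date(2025, 6, 29), "storage": date(2025, 1, 15)}),
    AgentIdentity("kb-summarizer", None, {"wiki": "read"}, {}),
    AgentIdentity("ticket-triager", "bob", {"helpdesk": "read"}, {"helpdesk": TODAY}),
]

if __name__ == "__main__":
    for name, findings in review_inventory(AGENTS, ACTIVE_STAFF, TODAY).items():
        print(name, *findings, sep="\n  ")
```

Running it flags the unconcluded pilot, the orchestrator whose owner has left and whose admin grant is stale, and the ownerless agent, while the actively used, owned triager produces no findings.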

Governing Agents Like Enterprise Identities

None of this requires treating AI agents as threats. Most of the risk in this space does not come from malicious systems. It comes from well-intentioned deployments that outlive their purpose and accumulate access that no one is actively reviewing.

The organizations that will manage this well are not necessarily the ones moving slowest on AI adoption. They are the ones that recognize a simple reality: As the number of nonhuman identities in the enterprise grows, the assumptions underlying identity security need to grow with it. The identity perimeter is no longer exclusively human.
