TL;DR: AI agents are being treated as first-class digital actors, but human-centric identity models still struggle to validate intent, ownership, and accountability across autonomous actions, according to SailPoint’s EIC 2026 session agenda. The practical issue is not whether agents exist, but whether governance can keep up with their evolving access patterns and synthetic identity risks.
At a glance
What this is: This is a conference session preview centred on AI agent governance. Its key point is that human-centric identity models leave security gaps once autonomous actors start operating across systems.
Why it matters: It matters because IAM and NHI teams need to decide how to authenticate, authorize, and continuously govern AI agents before those gaps turn into unmanaged access.
👉 Read SailPoint's EIC 2026 sessions on AI agent governance and synthetic actors
Context
AI agent governance is becoming an identity problem, not just an automation problem. Once software can act autonomously, request access, and influence systems across the enterprise, the old assumption that only humans need durable identity controls starts to break down. That is the core NHI governance gap this EIC 2026 session is pointing at, with the event taking place in Berlin on 2026-05-19.
The article frames agentic AI as a trust and control challenge built around intent, ownership, and operational authority. That is consistent with the way NHI governance is evolving more broadly: security teams need to know who or what created an actor, what it is allowed to do, and how those rights are verified over time. For practitioners, the starting position is still weak, because most enterprises have not yet built governance for autonomous actors at scale.
Key questions
Q: How should security teams govern AI agents as identities?
A: Treat AI agents as production NHIs with explicit ownership, purpose, and revocation paths. Give each agent only the permissions needed for a defined task, then revalidate access as context changes. The goal is to make agent behaviour auditable and reversible, not merely authenticated.
Q: Why do human-centric IAM models break down for agentic AI?
A: Human-centric models assume relatively stable users, predictable workflows, and bounded access patterns. AI agents can change behaviour at runtime, chain tool use, and act without direct supervision, so one-time onboarding controls are not enough. Security teams need continuous authorization and lifecycle governance for the access they grant.
Q: What is the difference between identity for humans and identity for AI agents?
A: Human identity is usually tied to a person, while agent identity is tied to a software actor with execution authority. That means the main control problem shifts from proving a person’s presence to governing purpose, delegation, and runtime behaviour. Agent identity therefore needs tighter scope and faster revocation.
Q: When does AI agent access become a privileged access problem?
A: It becomes privileged access when the agent can reach sensitive systems, alter data, call administrative APIs, or chain multiple tools in ways that increase blast radius. At that point, PAM principles, least privilege, and just-in-time access should apply, because the agent can cause the same impact as a human administrator.
Background and context
Why intent matters in AI agent identity governance
Intent is the control problem beneath agentic AI governance. An agent may be allowed to perform a task, but the security question is whether the task remains aligned with its original purpose as context changes. That requires more than authentication. It requires binding identity to purpose, ownership, and operating scope, then re-evaluating those bindings as the agent interacts with tools and data. In NHI terms, the risk is not only credential misuse, but mission drift across a live execution path.
Practical implication: Map every agent to an explicit purpose, owner, and permission boundary before it is allowed to act.
Synthetic identities need continuous trust verification
AI agents behave like synthetic actors because they can request access, make decisions, and persist across systems without human supervision. Standard IAM controls assume stable users and relatively static entitlements, but agent behaviour changes with prompts, tool access, and workflow context. That makes continuous verification essential. Security teams need runtime checks that confirm the actor, its delegated rights, and the legitimacy of each action rather than relying on one-time onboarding decisions.
Practical implication: Treat each agent action as a new authorization event, not a one-time trust decision.
What breaks when human-centric governance is applied to agents
Human-centric governance models are built around people with limited, reviewable access patterns. Agents compress multiple identities, tasks, and tool interactions into a single operating surface, which creates ambiguity about who is accountable when something goes wrong. Without lifecycle controls, revocation paths, and clear ownership, the result is privilege accumulation and weak incident traceability. That is why agent governance belongs in the same control conversation as NHI lifecycle management, not in a separate AI-only policy layer.
Practical implication: Extend lifecycle, review, and revocation controls to agents before their access patterns become entrenched.
NHI Mgmt Group analysis
AI agent identity is now an NHI governance issue, not a future concept. Once agents can perform tasks and make decisions autonomously, they fit the same control category as service accounts, API keys, and other non-human identities. The difference is that their behaviour can shift at runtime, which makes static policy insufficient. Practitioners should treat agent identity as production identity from day one.
Intent is the missing control layer in most current IAM models. Identity systems can tell you who authenticated, but they often cannot tell you whether the action still aligns with the agent’s original mission. That gap becomes material when agents chain tool use, call external services, or act on stale context. The field needs policy that binds purpose to authority and revalidates both as conditions change.
Adaptive identity will be required for autonomous actors. The article points toward a model where authentication, authorization, and accountability are evaluated continuously rather than at onboarding alone. That aligns with Zero Trust Architecture and Zero Standing Privilege principles, but the practical challenge is extending them to software actors that do not behave like humans. Security teams should plan for runtime governance, not just identity registration.
Agentic AI will force IAM and NHI teams to converge. The more agents resemble first-class digital actors, the less sense it makes to manage them in a separate AI sandbox. Access governance, secret handling, offboarding, and monitoring all become shared responsibilities. The practitioner takeaway is straightforward: if your NHI programme does not already cover autonomous actors, it will soon be incomplete.
Purpose-based governance is the right framing for synthetic actors. The session’s emphasis on intent is useful because it shifts the conversation from what an agent can technically do to what it is supposed to do. That is the level at which security decisions become auditable and defensible. Teams should build agent controls around purpose, ownership, and revocation, then test those controls against real workflows.
From our research:
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface, according to the Ultimate Guide to NHIs.
- 92% of organisations expose NHIs to third parties, raising concerns about supply chain security.
- Forward pivot: Teams that are expanding into agentic AI should pair lifecycle governance with the OWASP NHI Top 10 to account for tool misuse and identity abuse.
What this signals
Identity teams should expect agent governance to converge with NHI lifecycle management faster than many roadmaps assume. As AI agents become operational actors, the decision is no longer whether to invent a separate control model, but whether existing identity governance can absorb autonomous behaviour without losing accountability. The programme implication is clear: ownership, review, and revocation must cover software actors as well as staff accounts.
Ephemeral access will not solve the deeper trust problem on its own. JIT access can reduce standing privilege, but it does not prove that an agent is still acting within approved intent. The broader control challenge is proving that the actor, purpose, and tool use still match the original authorization. That pushes teams toward policy-based runtime verification, not just shorter-lived credentials.
With 1 in 4 organisations already investing in dedicated NHI security capabilities, the market is signalling that autonomous identities are moving from edge case to programme priority. Teams that wait for an AI-specific exception process will end up retrofitting governance under pressure. The better move is to extend existing NHI controls into agent workflows now, then test them against the six NIST Cybersecurity Framework 2.0 functions: govern, identify, protect, detect, respond, and recover.
For practitioners
- Define agent purpose at onboarding: Require every AI agent to have a named business purpose, an accountable owner, and a written scope of allowed actions before it touches production systems.
- Bind agent access to runtime checks: Verify the agent, its delegated rights, and the current workflow context at each high-risk action instead of relying on a single initial login event.
- Extend lifecycle controls to synthetic actors: Apply provisioning, review, rotation, and revocation processes to agents the same way you would for other privileged NHIs.
- Separate task scope from standing authority: Use just-in-time access and narrow tool permissions so an agent cannot retain broader access after the task is complete.
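The four practices above, together with the two practical implications earlier on this page (map every agent to a purpose, owner and permission boundary; treat each action as a new authorization event), can be expressed as a small policy decision point. The following is an added example written for this post; it is not SailPoint's or NHIMG's code, and every agent name, owner, tool name and timestamp in it is constructed. It shows an agent registry that refuses to onboard an agent without an owner and purpose, evaluates every tool call against the agent's bound purpose and standing scope, requires a time-boxed just-in-time grant for tools that widen the blast radius, prunes expired grants so they cannot accumulate into standing privilege, and records every decision for audit.

```python
"""Per-action authorization for AI agents (added example, constructed data)."""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# Assumption: the tool names are invented for this example. The set marks tools
# that can alter data or administrative state, so they need a JIT grant on top
# of the agent's standing least-privilege scope.
PRIVILEGED_TOOLS = frozenset({"db.write", "iam.modify_policy", "admin.api"})


@dataclass(frozen=True)
class Grant:
    """Just-in-time grant for one privileged tool; it is dead after expires_at."""
    tool: str
    expires_at: datetime
    approved_by: str


@dataclass
class AgentIdentity:
    """What must be on record before an agent is allowed to act."""
    agent_id: str
    owner: str                 # accountable human owner
    purpose: str               # the single mission this agent is bound to
    allowed_tools: frozenset   # standing scope, kept as narrow as possible
    grants: list = field(default_factory=list)
    revoked: bool = False


@dataclass(frozen=True)
class ActionRequest:
    """One tool call. Each call is a fresh authorization event, not a login."""
    agent_id: str
    tool: str
    declared_purpose: str      # purpose the agent asserts for this call
    at: datetime


@dataclass(frozen=True)
class Decision:
    allow: bool
    reason: str


class AgentRegistry:
    def __init__(self):
        self._agents = {}
        self.audit = []        # (agent_id, tool, allow, reason) for every decision

    def register(self, agent: AgentIdentity) -> None:
        # No owner or no purpose means no identity: refuse to onboard.
        if not agent.owner or not agent.purpose:
            raise ValueError("agent needs an accountable owner and a purpose")
        self._agents[agent.agent_id] = agent

    def grant_jit(self, agent_id, tool, approved_by, ttl: timedelta, now: datetime):
        agent = self._agents[agent_id]
        # A grant can only unlock something already inside the standing scope.
        if tool not in agent.allowed_tools:
            raise ValueError("JIT grant cannot widen the standing scope")
        agent.grants.append(Grant(tool, now + ttl, approved_by))

    def revoke(self, agent_id) -> None:
        self._agents[agent_id].revoked = True

    def authorize(self, req: ActionRequest) -> Decision:
        decision = self._decide(req)
        self.audit.append((req.agent_id, req.tool, decision.allow, decision.reason))
        return decision

    def _decide(self, req: ActionRequest) -> Decision:
        agent = self._agents.get(req.agent_id)
        if agent is None:
            return Decision(False, "unregistered agent")
        if agent.revoked:
            return Decision(False, "agent revoked")
        if req.declared_purpose != agent.purpose:
            return Decision(False, "purpose mismatch: possible mission drift")
        if req.tool not in agent.allowed_tools:
            return Decision(False, "tool outside standing scope")
        if req.tool in PRIVILEGED_TOOLS:
            # Drop expired grants so nothing quietly becomes standing privilege.
            agent.grants = [g for g in agent.grants if g.expires_at > req.at]
            if not any(g.tool == req.tool for g in agent.grants):
                return Decision(False, "privileged tool needs an unexpired JIT grant")
        return Decision(True, "within purpose, scope and grant window")


def demo() -> list:
    """Constructed scenario; returns the decision reasons in call order."""
    t0 = datetime(2026, 5, 19, 9, 0, tzinfo=timezone.utc)
    reg = AgentRegistry()
    reg.register(AgentIdentity(
        agent_id="invoice-reconciler",
        owner="finance-ops@example.com",        # constructed owner
        purpose="reconcile supplier invoices",
        allowed_tools=frozenset({"db.read", "db.write"}),
    ))
    reg.grant_jit("invoice-reconciler", "db.write", "finance-lead", timedelta(minutes=15), t0)
    mission = "reconcile supplier invoices"
    calls = [
        ActionRequest("invoice-reconciler", "db.read", mission, t0),
        ActionRequest("invoice-reconciler", "db.write", mission, t0 + timedelta(minutes=5)),
        ActionRequest("invoice-reconciler", "db.write", mission, t0 + timedelta(minutes=20)),     # grant expired
        ActionRequest("invoice-reconciler", "db.read", "export customer list", t0 + timedelta(minutes=21)),  # drift
        ActionRequest("invoice-reconciler", "iam.modify_policy", mission, t0 + timedelta(minutes=22)),       # out of scope
    ]
    reasons = [reg.authorize(c).reason for c in calls]
    reg.revoke("invoice-reconciler")
    reasons.append(reg.authorize(ActionRequest("invoice-reconciler", "db.read", mission, t0 + timedelta(minutes=23))).reason)
    return reasons


if __name__ == "__main__":
    for r in demo():
        print(r)
```

The third call is the point the "What this signals" section makes about ephemeral access: the JIT grant has lapsed, so the write is denied even though the agent is still registered and the tool is still in scope. The fourth call is denied on purpose alone, which is what intent binding adds over credential checks. In a real deployment the purpose comparison would be richer than string equality (for example a policy engine evaluating task metadata), and the audit list would go to your SIEM rather than memory.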
Key takeaways
- AI agents create an identity governance problem because they execute with authority, not just intent.
- Static IAM controls are insufficient when autonomy, context, and tool access can change at runtime.
- Practitioners should extend NHI lifecycle, privilege, and revocation controls to agents before they scale.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
The OWASP Top 10 for Agentic Applications addresses the attack and risk surface, while the NIST AI RMF and NIST Zero Trust Architecture (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Top 10 for Agentic Applications | Agent goal hijack; identity and privilege abuse | Agent intent and tool use raise identity abuse and goal hijacking risks. |
| NIST AI RMF | GOVERN function | Agent accountability and governance map directly to AI risk management. |
| NIST Zero Trust Architecture (SP 800-207) | Per-session, dynamic-policy access decisions (policy decision and enforcement points) | Continuous verification is needed when agents act across systems. |
Assign ownership for each agent and document escalation, monitoring, and shutdown paths.
Key terms
- Synthetic Identity: A synthetic identity is a software-based actor that can authenticate, request access, and execute actions without being a human user. In practice, this includes AI agents, bots, service accounts, tokens, and other machine identities that need clear ownership, scope, and revocation.
- Intent-Based Governance: Intent-based governance ties access decisions to the purpose an actor is meant to serve, not just the credentials it presents. For AI agents, this means security teams must track why the agent exists, what it may do, and when its authority should be withdrawn.
- Adaptive Identity: Adaptive identity is a control approach that updates trust decisions as context changes, rather than granting access once and assuming it remains valid. For autonomous actors, it means identity, authorization, and monitoring must work together during execution, not only at onboarding.
- Identity Blast Radius: Identity blast radius is the amount of damage a compromised identity can cause across systems, data, and workflows. For NHIs and AI agents, it is shaped by privilege scope, tool access, and how quickly credentials or permissions can be revoked after misuse.
What to expect at the briefing
SailPoint's full event preview covers the operational detail this post intentionally leaves for the source:
- Session-level framing for AI agent intent, ownership, and accountability at EIC 2026
- Panel discussion context on synthetic identities and autonomous behavior across complex ecosystems
- Speaker and timing details for the Berlin sessions that practitioners can use to plan attendance
- Meeting logistics for attendees who want to discuss AI workforce governance on site
Deepen your knowledge
AI agent governance and synthetic identity controls are covered in our NHI Foundation Level course, the industry's only accredited NHI security programme. If your team is beginning to formalise agent oversight, this course gives you the identity-first foundation to do it with less guesswork.
Published by the NHIMG editorial team on 2026-04-29.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org