TL;DR: Malcolm Harkins has been inducted into the CSO Hall of Fame for decades of work in cybersecurity, risk management, and responsible AI adoption, with formal recognition planned at the CSO Cybersecurity Awards & Conference in Nashville, according to HiddenLayer.
At a glance
What this is: HiddenLayer's announcement says its chief security and trust officer has been inducted into the CSO Hall of Fame for work spanning cybersecurity, risk management, and responsible AI adoption.
Why it matters: For IAM and security teams, the signal is that AI governance is becoming a leadership and operating-model issue that touches NHI controls, autonomous systems, and broader risk oversight.
👉 Read HiddenLayer's Hall of Fame announcement for Malcolm Harkins
Context
AI security governance is no longer framed only as a technical protection layer. It increasingly sits at the intersection of identity, trust, operational resilience, and executive accountability, especially as enterprises deploy agentic and generative systems into business workflows.
This HiddenLayer announcement is about recognition, but the underlying issue is broader: security leaders are being evaluated on how well they can govern emerging AI use cases without losing control of access, trust boundaries, and risk ownership. That makes the topic relevant to human IAM, NHI governance, and the early operating models emerging around autonomous systems.
Key questions
Q: How should security teams govern AI systems that act like non-human identities?
A: Treat them as governed identities, not just applications. Assign ownership, define authentication and authorisation boundaries, track what tools they can call, and review their lifecycle from discovery through retirement. If the system can initiate actions or access data independently, its permissions need the same scrutiny applied to other non-human identities.
Q: Why do agentic AI systems change the identity governance problem?
A: They change the problem because behaviour can vary at runtime. Traditional IAM assumes privileges are relatively stable and that review cycles can observe them. Agentic systems can select actions and tools in motion, so governance must focus on scope, approval boundaries, and continuous visibility rather than static role assignment alone.
Q: What should organisations measure in an AI security governance programme?
A: Measure whether every AI workload has a named owner, whether its permissions are documented, and whether runtime actions are logged well enough to support review and containment. If any of those are missing, the programme is not governing behaviour, only documenting intent.
Q: What is the difference between AI security controls and NHI controls?
A: NHI controls focus on identities such as service accounts, keys, tokens, and certificates. AI security controls extend that model to systems that can reason, select tools, and sometimes act autonomously. In practice, the strongest programmes use NHI discipline as the baseline and then add governance for runtime decision-making.
Technical breakdown
AI security leadership as a governance function
The article positions AI security leadership as more than a product or architecture issue. In practice, this role spans risk management, policy setting, cross-functional coordination, and the ability to translate technical controls into business guardrails. That matters because AI systems often cut across identity, data, and application teams, so accountability has to be explicit before deployment. For security organisations, the useful insight is that AI governance fails when it is treated as a side task rather than an operating discipline.
Practical implication: assign clear executive ownership for AI risk decisions, not just implementation tasks.
Why AI lifecycle security depends on identity controls
HiddenLayer notes security across the AI lifecycle, from discovery to runtime protection. That lifecycle framing matters because AI systems are only governable when their identities, permissions, and access paths are known at each stage. Discovery tells you what exists, supply chain controls tell you what was introduced, and runtime protection tells you what the system is allowed to do now. In identity terms, the same model applies to non-human credentials and AI workloads: if access is not visible and scoped, the lifecycle cannot be governed reliably.
Practical implication: map every AI system to its identity, credentials, and permission scope before expanding use.
Agentic AI raises the bar for trust boundaries
The source links AI security with agentic, generative, and predictive systems, which is a useful reminder that not all AI behaves the same way. Agentic systems can act across tools and workflows, so trust boundaries must be designed around what they can initiate, access, and retain. That is different from static automation because behaviour can change during execution. For practitioners, the control challenge is less about the model label and more about whether the system can independently cross from analysis into action without a human checkpoint.
Practical implication: treat agentic workflows as identity subjects that need scoped authority and continuous oversight.
Breaches seen in the wild
- Moltbook AI agent keys breach — Moltbook breach exposed 1.5M AI agent keys.
- AI LLM hijack breach — attackers used stolen AWS access keys to hijack Anthropic LLM models on Bedrock.
Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.
NHI Mgmt Group analysis
AI security recognition is increasingly a proxy for governance maturity. The article is not about a breach or a product launch, but it still reveals where the market is heading: leadership in AI security is being recognised for risk management, resilience, and operational discipline. That is significant because enterprises do not just need tools, they need executives who can align identity, data, and AI controls under one decision model. Practitioners should read this as a signal that AI governance is becoming a board-level accountability issue, not a narrow technical specialty.
Agentic and generative AI security cannot be managed as a bolt-on to traditional IAM. The source ties HiddenLayer's work to discovery, supply chain security, and runtime protection, which reflects a broader truth: AI systems introduce identity-like behaviour across multiple stages of their lifecycle. When access paths, execution paths, and tool use converge, legacy IAM assumptions about fixed roles and stable boundaries become too blunt. The implication is that AI governance must be designed around dynamic behaviour and lifecycle visibility, not just entitlement reviews.
AI lifecycle security is now part of NHI governance by definition. HiddenLayer frames protection across discovery, supply chain, and runtime, which aligns with the reality that AI workloads operate as non-human identities in enterprise environments. Once AI systems can authenticate, call tools, and execute tasks, they become part of the same governance surface as service accounts and API-driven automation. Practitioners should therefore evaluate AI controls with the same rigour they use for NHI inventory, rotation, and privilege scope.
The named concept here is AI trust boundary drift. As AI systems move from model development into production workflows, the boundary between observation and action can shift without a corresponding governance change. That is why the key risk is not simply model misuse, but the gradual expansion of what the system is trusted to do. Security teams should treat that drift as a governance problem that must be continuously mapped, reviewed, and contained.
Executive recognition matters because security programmes follow incentives. When AI security leaders are publicly recognised for governance and resilience, it reinforces the direction of travel for enterprise programmes. The field is moving away from narrow threat response and toward lifecycle accountability, cross-domain ownership, and measurable risk reduction. For practitioners, that means the question is no longer whether AI security belongs in governance discussions, but how quickly identity teams can absorb it into their operating model.
From our research:
- 1 in 4 organisations are already investing in dedicated NHI security capabilities, with an additional 60% planning to do so within the next twelve months, according to The State of Non-Human Identity Security.
- Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, which shows that confidence remains far behind deployment pressure.
- For a broader baseline on governance gaps, see NHI Lifecycle Management Guide for how provisioning, rotation, and offboarding should be handled.
What this signals
AI trust boundary drift: as agentic and generative systems move deeper into production workflows, their permissions tend to expand faster than governance models adapt. That creates a practical mismatch for identity teams, who are still trying to anchor ownership, review, and logging around systems that can change behaviour at runtime.
The programme response is to stop treating AI as a separate security silo. HiddenLayer's positioning reflects a broader market shift toward lifecycle-based AI governance, which means identity teams need shared controls for discovery, scope, and offboarding across service accounts, workloads, and AI agents.
The governance gap is already visible in NHI programmes, where 1 in 4 organisations are investing in dedicated NHI security capabilities and 60% plan to follow within twelve months, according to The State of Non-Human Identity Security. That investment trend suggests AI security will increasingly be measured by whether identity teams can prove control, not just intent.
For practitioners
- Map AI systems to identity ownership: Create an inventory that links each AI workload or agent to a named owner, its authentication method, and the permissions it can exercise across tools and data sources.
- Review AI lifecycle controls end to end: Validate discovery, supply chain checks, runtime restrictions, and offboarding steps as one control chain rather than treating them as separate programmes.
- Set explicit authority boundaries for agentic systems: Define which actions require human approval, which can be executed automatically, and which data sources or tools remain off limits during runtime.
- Align AI governance with existing NHI controls: Bring AI workloads into the same review cycle used for service accounts, API keys, and other non-human identities so visibility, scope, and accountability stay consistent.
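As an added illustration of the inventory measures from the Key questions section and the authority boundaries described above (example code written for this post, not HiddenLayer's or NHIMG's own tooling), the Python below audits constructed agent records for a named owner, documented authentication and documented permissions, then gates each runtime tool call as automatic, approval-required or off limits, logging every decision for later review. The agent names, owners and tool names are constructed sample values.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional

class Authority(Enum):
    AUTO = "auto"          # may execute without a human checkpoint
    APPROVAL = "approval"  # needs a named human approver first
    DENIED = "denied"      # off limits at runtime

@dataclass
class AgentRecord:
    """One AI workload or agent in the NHI inventory (constructed schema)."""
    name: str
    owner: Optional[str]        # accountable named owner
    auth_method: Optional[str]  # how the agent authenticates
    tool_policy: dict           # tool/action -> Authority
    audit_log: list = field(default_factory=list)

def governance_gaps(agent: AgentRecord) -> list:
    """Inventory checks: named owner, documented authentication, documented permissions."""
    gaps = []
    if not agent.owner:
        gaps.append("no named owner")
    if not agent.auth_method:
        gaps.append("authentication method undocumented")
    if not agent.tool_policy:
        gaps.append("permissions undocumented")
    return gaps

def gate_action(agent: AgentRecord, tool: str, approved_by: Optional[str] = None) -> bool:
    """Enforce the agent's authority boundary for one runtime tool call.
    Unlisted tools are denied by default; every decision is logged for review."""
    authority = agent.tool_policy.get(tool, Authority.DENIED)
    if authority is Authority.AUTO:
        allowed = True
    elif authority is Authority.APPROVAL:
        allowed = approved_by is not None   # human checkpoint required
    else:
        allowed = False
    agent.audit_log.append({"agent": agent.name, "tool": tool, "authority": authority.value,
                            "approved_by": approved_by, "allowed": allowed})
    return allowed

# Constructed sample records, not real systems.
TICKET_AGENT = AgentRecord("ticket-triage-agent", owner="it-ops-lead", auth_method="workload identity",
                           tool_policy={"read_ticket": Authority.AUTO, "close_ticket": Authority.APPROVAL,
                                        "delete_user": Authority.DENIED})
ORPHAN_AGENT = AgentRecord("forgotten-pilot-bot", owner=None, auth_method=None, tool_policy={})
```

The orphaned record is the "documenting intent" failure the article describes: it exists in the inventory but has no owner, no authentication method and no scoped permissions, so nothing about its behaviour can be governed.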
Key takeaways
- The announcement matters because AI security leadership is now being judged as a governance capability, not a narrow technical specialty.
- HiddenLayer's framing reinforces that AI lifecycle security and NHI governance are converging around identity, scope, and runtime control.
- Practitioners should use this signal to tighten ownership, permissions, and approval boundaries before AI systems become harder to govern than the controls around them.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-01 | AI systems acting as identities need clear inventory and ownership. |
| NIST CSF 2.0 | GV.OV-01 | The article is fundamentally about governance and security oversight. |
| NIST Zero Trust (SP 800-207) | AC-4 | Runtime AI access needs explicit policy enforcement and containment. |
Inventory AI workloads as NHI subjects and assign accountable owners before expanding runtime access.
Key terms
- Agentic AI: AI systems that can choose actions and execute them across tools or workflows with limited human intervention. In identity terms, the important question is not whether the model is intelligent, but whether it can exercise runtime authority that needs governance, logging, and containment like any other non-human actor.
- AI Trust Boundary: The point at which an AI system is allowed to move from observation into action, such as calling a tool, accessing data, or changing state. For practitioners, the boundary only works when it is explicit, monitored, and tied to accountable ownership rather than implied by the model's behaviour.
- Non-Human Identity: A digital identity used by software, workloads, or automated systems rather than a person. It includes service accounts, API keys, tokens, certificates, and, increasingly, AI systems that need authentication, authorisation, lifecycle management, and auditability to prevent uncontrolled access.
- Identity Lifecycle: The full management cycle for an identity, from creation and approval to rotation, review, and offboarding. In AI and NHI programmes, lifecycle governance is what keeps access from drifting beyond its original purpose, especially when systems can be deployed quickly and forgotten just as fast.
Deepen your knowledge
AI lifecycle security and NHI governance are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are building controls for AI systems with expanding runtime authority, it is worth exploring.
This post draws on content published by HiddenLayer: Malcolm Harkins' CSO Hall of Fame induction. Read the original.
Published by the NHIMG editorial team on 2026-03-10.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org