Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

AI security across employees, apps and agents: where do controls fail?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 9439
Topic starter  

TL;DR: AI systems now operate across employees, applications, and agents, which fragments risk and makes point solutions ineffective, according to Lakera. A unified control plane is becoming the practical model for runtime visibility, policy enforcement, and governance across the full execution lifecycle.

NHIMG editorial — based on content published by Lakera: AI Security Isn’t One Problem Anymore. So Why Are We Still Treating It Like One?

Questions worth separating out

Q: How should security teams govern AI systems that span employees, applications, and agents?

A: Security teams should govern AI by execution path, not by point solution.

Q: Why do traditional security controls fail for agentic AI workflows?

A: Traditional controls fail because they are usually applied before or after execution, while agentic AI can retrieve data, invoke tools, and act during the session.

Q: When does AI security become an identity governance problem?

A: AI security becomes an identity governance problem when systems can act with delegated access across enterprise tools and data.

Practitioner guidance

  • Map AI controls by execution layer Inventory where AI appears in employee workflows, embedded applications, and agentic actions.
  • Add runtime checkpoints for tool use and action execution Require policy decisions at the point where AI requests data, invokes tools, or triggers a downstream action.
  • Align AI governance with identity lifecycle controls Treat delegated access, service credentials, and agent permissions as lifecycle-managed assets.

What's in the full article

Lakera's full article covers the operational detail this post intentionally leaves for the source:

  • How the AI Defense Plane is positioned to connect visibility, runtime protection, and policy enforcement in one operating model
  • The article's breakdown of the three AI exposure layers, including where employee, application, and agent risk diverge
  • The specific language Lakera uses to describe execution-lifecycle control and how it maps to day-to-day AI security work
  • The vendor's own framing of where practitioners should start when AI is already embedded in the business

👉 Read Lakera's analysis of AI security across employees, applications and agents →

AI security across employees, apps and agents: where do controls fail?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 8923
 

The real problem is not AI volume, it is execution spread. AI security fails when organisations treat employee use, application embedding, and agent action as unrelated issues. The controls are then scoped too narrowly to see how prompts become decisions and decisions become actions. The practical conclusion is that AI governance has to follow the execution path, not the surface label.

A few things that frame the scale:

  • The average estimated time to remediate a leaked secret is 27 days, despite 75% of organisations expressing strong confidence in their secrets management capabilities, according to The State of Secrets in AppSec.
  • Organisations maintain an average of 6 distinct secrets manager instances, creating fragmentation that undermines centralised control, according to The State of Secrets in AppSec.

A question worth separating out:

Q: How do organisations know whether their AI control plane is working?

A: A working AI control plane can trace behaviour across layers without losing accountability. Organisations should be able to see which identity requested access, which policy allowed the action, and which system executed it. If any one of those links is missing, the control plane is only partial.

👉 Read our full editorial: AI security needs a control plane across employees, apps and agents



   
ReplyQuote
Share: