TL;DR: Fabrix argues that identity is becoming the control plane for cybersecurity, with AI agents adding context and reasoning to access decisions while humans remain in the loop. The practical issue is not whether identity matters, but whether current IAM and governance models can trust runtime decisions at machine speed.
NHIMG editorial — based on content published by Fabrix Security: IsraelTech: Why the Next Cybersecurity Revolution Starts with Identity
Questions worth separating out
Q: How should security teams use AI in access decisions without losing governance?
A: Use AI for recommendation, triage, and pattern detection first, then keep human approval for privileged, exception-heavy, or business-sensitive access.
Q: Why does identity context matter more in modern security operations?
A: Because access decisions are increasingly made at runtime, identity context determines whether the decision is accurate, defensible, and scalable.
Q: What do security teams get wrong about AI-assisted identity governance?
A: They often treat AI as a substitute for identity quality, when it only amplifies the data it receives.
Practitioner guidance
- Map which access decisions can be AI-assisted Separate low-risk, high-volume reviews from privileged or exception-heavy decisions.
- Validate identity data before introducing decisioning automation Check whether entitlements, roles, and account relationships are consistent across directories, cloud platforms, and SaaS systems.
- Preserve an audit trail for every exception and override Require a named owner, justification, and review path for each AI-assisted access exception.
What's in the full article
Fabrix Security's full video covers the operational detail this post intentionally leaves for the source:
- The interview framing around why identity has become the core control plane for modern cybersecurity.
- Fabrix’s explanation of how its AI agents use context and reasoning in access decisioning.
- The discussion of why human oversight still matters when access decisions are AI-assisted.
- The broader conversation on cybersecurity innovation and the role of Israel as a testing ground.
👉 Watch Fabrix Security’s video on identity-driven cybersecurity decisioning →
Identity decisioning in security operations: what changes now?
Explore further
Identity is becoming the decision fabric of cybersecurity, not just an enforcement layer. When access decisions are made with context, risk, and workload signals, identity moves upstream into the architecture itself. That changes the governance problem from granting accounts to governing decision quality across every access path. Practitioners should treat identity intelligence as core security infrastructure, not an add-on.
A few things that frame the scale:
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures, according to the Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which means runtime identity decisions are often being made against incomplete inventory data.
A question worth separating out:
Q: Who should own accountability when AI helps approve access?
A: A named human owner should remain accountable for the decision framework, the exception path, and any override. AI can assist with scoring and context, but accountability cannot be delegated away from the programme that uses the output.
👉 Read our full editorial: Identity decisioning for cybersecurity: what Fabrix says changes