Cyera and Snowflake integrations: what changes for IAM teams?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 1820
Topic starter  

TL;DR: AI agents can outpace human guardrails, so governance has to keep up with autonomous query behaviour, according to Cyera.

NHIMG editorial — what this means for AI and NHI governance

By the numbers:

Questions worth separating out

Q: How should security teams govern AI agents that query sensitive data in Snowflake?

A: Start by mapping each agent to the data it can reach, the identities that can invoke it, and the actions it can trigger.

Q: Why do AI agents make data access reviews harder than human user reviews?

A: AI agents can query, reason over, and act on data repeatedly without the same intent, context, or pause points as a human analyst.

Q: What breaks when identity controls stop at table-level permissions?

A: Table-level controls miss the fact that most sensitive exposure lives in specific columns, indexed search services, or downstream actions.

Practitioner guidance

  • Map every Cortex agent to its data reach: Inventory who built each agent, who can invoke it, what search services it touches, and which datasets are reachable from that path.
  • Apply masking at the field level: Prioritise sensitive columns with over-exposed access and connect those fields to native masking or tag-based policies.
  • Use conversational analytics for triage, not approval: Allow security and data teams to query posture in plain language, but keep entitlement review, signoff, and remediation ownership in the governance process.

What's in the full announcement

Cyera’s full post covers the operational detail this analysis intentionally leaves for the source:

  • How Snowflake tags connect to dynamic masking policies at the column level
  • How Cyera AI Guardian inventories Cortex AI agents, owners, and invocation paths
  • How Cortex Analyst exposes security posture through plain-language prompts
  • How the Agent Graph ties search services, sensitive data classes, and outbound actions together

👉 Read Cyera’s analysis of Snowflake AI agent governance and sensitive data controls →




   
(@mr-nhi)
Member Moderator
Joined: 3 weeks ago
Posts: 380
 

Policy-based masking is only as strong as the identity paths that can reach the data. Cyera’s column-level model shows that the real boundary is not the table, but the identity that can touch a sensitive field and the policy attached to it. That is why data tagging and masking belong in the same governance conversation as access entitlements. For practitioners, the lesson is to treat field exposure as an identity control problem, not just a data classification problem.

A few things that frame the scale:

  • 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems, inappropriately sharing sensitive data, and revealing access credentials, according to the "AI Agents: The New Attack Surface" report.
  • Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation.

A question worth separating out:

Q: How do security teams decide whether an AI agent should keep access to regulated data?

A: Use the agent’s reachable datasets, its invocation paths, and its actual usage to test whether the access still matches the business purpose. If the agent can touch regulated data without a clear, current need, revoke or narrow the entitlement. Accountability should follow the data, not the convenience of the workflow.

👉 Read our full editorial: Cyera and Snowflake: governing AI agents and sensitive data



   