Okta's Harish Peri on What It Takes for CIOs to Secure AI Agents
InformationWeek, Thursday, June 18th, 2026
CIOs must apply granular identity controls and continuous authorization to AI agents to manage shadow AI and autonomy risks.
Organizations deploying autonomous AI agents face critical security gaps as shadow agents proliferate without oversight.
Okta's AI security leader identifies three key risks: malicious employees, external attackers using prompt injection, and agents incorrectly exposing sensitive data. Traditional IAM fails for AI agents because they lack predictable lifecycles and fixed execution paths.
CIOs should treat agents as first-class identities with granular, attribute-based access controls rather than static API keys, and establish central discovery and governance. Organizations can also deploy guardian agents to monitor thousands of machine-speed API calls and enforce fine-grained permissions across applications, processes, and data.