The rapid uptake of artificial intelligence across enterprises has created a new fault line in cybersecurity and exposed a widening gap between innovation and governance.

As organisations within the Asia Pacific and Japan region race to deploy autonomous agents and AI copilots, many are discovering that their existing perimeter-based security guardrails are ill-equipped to manage the risks associated with this new class of AI-driven threat.

What was once a largely human-centric discipline is now being redefined. Identity security, historically treated as a supporting function, is emerging as the foundational layer for safe AI adoption.

At the centre of this shift is the rise of non-human identities (NHIs), autonomous systems that operate at machine speed, often with elevated privileges and minimal oversight.

If you can’t verify exactly who or what is accessing your data in real-time, the perimeter is essentially non-existent.

AI identities create a new attack surface

The emergence of AI agents has fundamentally altered the security perimeter. These non-human identities are increasingly being granted access to sensitive systems and data, sometimes exceeding the authority of their human creators.

Many organisations are still grappling with incomplete identity frameworks for human users, relying on manual access reviews and struggling with entitlement sprawl. Extending these imperfect systems to AI-driven identities introduces new layers of complexity.

The risks are not theoretical as security teams frequently lack visibility into how many agents are operating within their environments or what decisions they are making. Attackers are already exploiting this opacity, using techniques such as prompt injection and model manipulation to hijack AI agents and effectively turn them into insider threats.

Machine-to-machine connections under scrutiny

At the same time, new frameworks are enabling AI systems to interact directly with enterprise applications, bypassing traditional human checkpoints. Model Context Protocols (MCPs), for example, provide a standardised way for agents to connect to tools, data sources and workflows.

These connections carry significant authority. An AI agent equipped with MCP access can retrieve sensitive information, trigger business processes and execute actions across critical systems – all without human intervention.

While this unlocks efficiency gains, it also introduces high-value access pathways that are difficult to monitor. If compromised, MCP credentials and tokens can be exploited at scale and speed, allowing attackers to operate largely undetected.

The absence of visibility is becoming a recurring theme. Many organisations lack a clear understanding of which agents are interacting with which systems, and what permissions they hold.

Data security returns to centre stage

AI’s ability to surface and synthesise information is forcing a long-overdue reckoning with data governance. For years, enterprises have deferred the laborious task of data classification and cleanup, however AI has effectively eliminated that option.

Unlike human users, AI systems do not distinguish between what they can access and what they should access. A forgotten file or misconfigured permission can quickly become a source of exposure, as AI tools make previously buried data instantly discoverable.

Compounding the issue is the way AI agents inherit permissions from their creators. Any instance of excessive access, whether intentional or accidental, is amplified when delegated to an autonomous system.

Breaking down silos to enable zero trust

The speed and scale of AI-driven activity are also exposing the limitations of fragmented security architectures. Many enterprises still rely on a patchwork of tools that operate in isolation, limiting their ability to share context and respond to threats in real time.

This lack of integration was manageable when threats evolved at human speed. However, it is far less viable when attackers use automation to probe systems, escalate privileges and move laterally within seconds.

Critical signals are often delayed or lost altogether, as insights from one system fail to propagate to others. In an environment increasingly defined by autonomous workflows, this fragmentation represents a significant vulnerability. 

Identity now the cornerstone of cybersecurity

As AI continues to evolve, identity is emerging as both the problem and the solution. It defines who or what is acting within a system, and whether that action should be permitted. In this sense, identity is no longer just a gatekeeper but rather the strategic foundation for secure AI adoption.

Somewhat paradoxically, AI itself may provide the tools needed to address longstanding identity challenges. Its ability to analyse vast datasets can help identify orphaned accounts, detect anomalous behaviour and map complex access relationships that would be difficult to uncover manually.

This creates an opportunity for organisations to move beyond compliance-driven identity management and adopt a more proactive, architecture-led approach.

The initial wave of AI adoption was characterised by speed and experimentation. That phase is now giving way to a more sober assessment of risk.

The convergence of autonomous agents, governance gaps and limited visibility has created a new class of security challenges that cannot be addressed with legacy tools or human-centric processes.

Instead, organisations must rethink their approach, placing identity at the centre of their cybersecurity strategy.