Is Traditional IAM Enough for the New Era of Agentic AI?

Dominic Jainy is a seasoned IT architect who has spent the better part of two decades navigating the complex intersection of artificial intelligence, machine learning, and blockchain technology. As organizations rush to integrate autonomous systems into their daily operations, Jainy has emerged as a vital voice in the conversation regarding how we secure these “digital employees.” His expertise is not merely technical; he possesses a keen understanding of the structural shifts required to move from human-centric security to a world dominated by non-human identities. In this discussion, he sheds light on the evolving landscape of enterprise identity, the ethical tightrope of AI governance, and the urgent need for a continuous evaluation model that can keep pace with the machine-speed maneuvers of modern agents.

The core of our conversation delves into the growing misalignment between traditional security stacks and the fluid nature of agentic AI. We explore why the “point of login” is no longer a sufficient defense and how the proliferation of ephemeral tokens creates a shadowy attack surface that most firms are unprepared to manage. Beyond the bits and bytes, we address the looming regulatory shadow cast by landmark legislation and the “minefield” of privacy that exists when behavioral data is harvested for the sake of security. Throughout the dialogue, the focus remains on the transition from static, role-based controls to a dynamic, continuous control plane designed to limit the “blast radius” of the inevitable system failures.

Traditional security models have long relied on role-based access and multifactor authentication for human users, but these feel increasingly outdated. How do these older frameworks struggle when forced to manage the fluid, autonomous nature of modern AI agents?

The fundamental issue is that our current identity and access management stacks were built with a human heartbeat in mind, assuming that identities are known, bounded, and relatively stable over time. When you introduce autonomous agents, you are dealing with a web of non-human identities that do not take coffee breaks and move at machine speed, frequently generating sub-agents to handle specialized tasks. These agents often operate across multiple domains using shared credentials or implicit trust boundaries, which makes the traditional “point of login” decision feel like trying to stop a flood with a single sandbag. We are seeing a massive expansion of the attack surface because these agents invoke tools and access APIs without direct human intervention, leading to a state of identity ambiguity where it becomes nearly impossible to attribute actions to a specific, authorized source. The old models of role-based access control simply cannot provide the granular, real-time oversight needed when an AI decides to spin up a new workload in the middle of the night to optimize a database.

As we move toward an ecosystem populated by these non-human identities, what are the specific technical risks associated with agents that can generate their own sub-agents or utilize ephemeral tokens?

The technical risk is centered around the loss of clear attribution and the terrifying speed at which a compromise can propagate through a network. When an agent has the power to generate sub-agents, it essentially creates a nested hierarchy of access that most legacy systems cannot track, leading to a situation where tokens are replayed or misused far beyond their intended scope. In the past, once a service was authenticated and received a token, that token could often be replayed freely until it expired—sometimes for hours or even days—without the system ever re-checking if the context had changed. This creates a massive window of opportunity for attackers to hijack a session and move laterally through the enterprise under the guise of a legitimate autonomous process. The sensory reality of this is a silent, invisible breach where the “user” is actually a rogue process mimicking the behavior of a trusted agent, making it incredibly difficult for security teams to distinguish between a legitimate optimization and a data exfiltration event.

The concept of a continuous control plane has been proposed as a solution to the limitations of static tokens. Could you explain how this shifts the paradigm of trust within a corporate network?

Shifting to a continuous evaluation model means we stop treating authentication as a one-time event and start treating it as a persistent, living process. Even if a token is technically valid, a central policy engine must constantly confirm that the subject and its context—such as its IP address, geographical location, and device posture—still meet the organization’s requirements at that exact moment. We are looking for signals like sudden spikes in data access or unexpected changes in the agent’s behavioral patterns, which might suggest that the identity has been flagged as high risk by threat intelligence. This approach applies equally to humans and machine workloads, ensuring that if a device’s security posture degrades or a compromise is suspected, the access is severed instantly rather than waiting for a token to expire. It is a more rigorous, “trust nothing, verify everything” philosophy that reduces the window of identity abuse from hours down to milliseconds, effectively acting as a digital immune system.

When we consider the inevitability of system failures or malicious exploits, how does modern identity design prioritize the containment of a “blast radius” to ensure a company can recover?

Identity has become the foundational control for securing automation because it is the only lever we have left to limit the damage when things inevitably go wrong. In a well-designed modern system, the goal is not just to prevent entry, but to ensure that if one agent is compromised, the “blast radius” is so small that the rest of the enterprise remains untouched. This involves creating rigid boundaries and ensuring that automation and AI are integrated into systems with the mindset that mistakes will happen, and recovery must be the priority. By strictly defining what a non-human identity can and cannot do at a granular level, we can ensure that an error in a single AI-driven process doesn’t lead to a catastrophic, company-wide outage. It feels like installing fire doors in a digital warehouse; you might lose one room to the flames, but the structural integrity of the entire building is preserved through proactive containment and disciplined access design.

Beyond the technical hurdles, there is a significant ethical dimension to AI identity management. How do international regulations like the Data (Use and Access) Act 2025 and the Online Safety Act 2025 change the way organizations must prove their responsible use of technology?

We are entering an era where regulators are making it clear that fairness, explainability, and contestability are no longer “nice to have” features but are essential legal mandates. The Data (Use and Access) Act 2025 in the UK, for instance, significantly expands the duties of an organization regarding automated processing and the protection of vulnerable groups, meaning AI-driven identity checks will face unprecedented scrutiny. Organizations can no longer simply assert that they are using AI responsibly; they must provide demonstrable proof and maintain transparent documentation that shows how decisions—like who is denied access or flagged as suspicious—are being made. This shift toward a principles-based, regulator-led model means that if your AI identity system is found to be amplifying bias or operating as an opaque “black box,” the legal and financial repercussions will be severe. The pattern is unmistakable: the burden of proof has shifted to the enterprise, requiring a level of governance that most firms have yet to fully implement.

With the introduction of ISO/IEC 42001, the world’s first AI management system standard, organizations now have a blueprint for AI governance. How does this standard help bridge the gap between technical security and high-level corporate accountability?

ISO/IEC 42001 provides a much-needed governance architecture that forces leadership to take accountability for the entire lifecycle of an AI system, from its initial design to its ongoing performance evaluation. It doesn’t just replace existing compliance obligations, but rather provides the organizational discipline needed to navigate them by integrating risk assessments and lifecycle controls directly into the management structure. By adopting this framework, a company ensures that its AI identity solutions are not just technically sound, but are also explainable, monitored, and continuously improved based on real-world data. It moves the conversation from the IT basement to the boardroom, framing AI security as a core business risk that requires robust human oversight and a structured management approach. This standard is the bridge that connects the cold logic of machine learning with the ethical and legal requirements of modern society, ensuring that the technology serves the organization without compromising its integrity.

Privacy advocates often warn that the data used for identity verification can easily slide into intrusive employee surveillance. What guardrails must be in place to ensure that personal data and biometrics are used with integrity rather than becoming a tool for tracking habits?

This is perhaps the most dangerous “minefield” for modern enterprises, because the same data used to confirm a person’s identity—biometrics, location information, and behavioral patterns—can very easily be repurposed to monitor staff or profile their private habits. To navigate this mindfully, organizations must embrace privacy by design, performing rigorous Data Protection Impact Assessments (DPIAs) and setting disciplined boundaries around how identity data is utilized. Just because a system has the technical capability to infer deep insights into an employee’s behavior doesn’t mean it should be allowed to do so; there must be a clear legal basis and a demonstrable necessity for every piece of data collected. Transparency is the only way to maintain trust, which means providing clear notices to staff and ensuring that human oversight is always there to prevent the transition from security control to a surveillance state. Privacy and ethics are not parallel workstreams that can be ignored until the end; they are the very foundation upon which any legitimate use of AI must be built.

What is your forecast for the future of AI identity and access management?

I foresee a total departure from the human-centric IAM models of the past, as the industry moves toward an “identity-first” security architecture where humans, workloads, and autonomous agents are all treated as distinct entities on a single, continuous control plane. In the coming years, the role of the security professional will shift from managing static permissions to governing complex, self-adjusting ecosystems where AI manages the security of other AI systems. We will see a massive push toward standardization through frameworks like ISO/IEC 42001, and the companies that succeed will be those that view identity as a living, breathing entity rather than a checkbox on a login screen. Ultimately, the survival of the enterprise in an AI-driven world will depend on its ability to balance the sheer speed of automation with the steady, ethical hand of human-led governance.
