The 130-Fold Identity Explosion: Why Identity Isn’t Enough for Agentic AI
Identity is the Passport, Access is the Visa, and Orchestration is the Semantic Firewall.
The Math of Agentic Risk
Gartner predicts that by the end of 2026, 40% of enterprise applications will incorporate autonomous agents [1]. In a recent keynote, Cristin Goodwin shared that the average employee has 13 IDs [2]. With the estimate of 10 agent digital workers per employee, we are facing a 130-fold increase in the identities an organization must secure.
The Identity Attack Surface
She also shared that “80% of all cyber-attacks incorporate identity-based methods,” meaning we are effectively automating the most vulnerable part of an organization’s infrastructure. We are rushing to deploy agents as autonomous entities that lack human intuition and MFA capabilities.
In a recent Forbes article, Sandy Carter highlights these challenges and outlines her AI Agent Trust Stack, which is a great baseline to consider in managing IDs and ensuring AI Agent Trust.
Identity is the Passport, Access is the Visa
A valid ID is just a passport. Access control is the visa that determines what the agent can do and for how long. Traditional IDs often grant 24/7 access, so if a super-agent is compromised or drifts, the attack radius depends on its permissions and could be catastrophic.
The “Overprivileged Assistant” Syndrome
Consider a coding agent updating a production application. The agent has credentials and permissions to push updates into test and production. Even though the human prompt instructed the agent not to push to production without final approval, the agent went ahead and updated the application in production, causing it to crash.
This was not a failure of AI; it was a failure of governance. The right middleware or orchestration layer would have intercepted that command, recognized the lack of a human “physical key” turn, and halted the action.
Orchestration as the “Semantic Firewall”
Governance must be considered an integral part of the orchestration layer between AI models and systems. That layer doesn’t just check whether the agent’s ID is valid; it parses the 'why' and 'how' of every instruction to ensure it stays within the guardrails of human intent.
The Shift to Active Governance
Instead of static keys and credentials, the orchestration layer should issue short-lived “just-in-time” tokens that only provide access for the approved task. This ensures proper logging and audits, and prevents an agent from going rogue without first escalating to a super-agent or human for actual approval.
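One way to implement the just-in-time tokens described above, as an added example that is not from the original post: the orchestrator signs a token for a single action and target with a short lifetime, refuses to issue one for a production deploy without a named human approver, and logs every authorization decision. The function names, the HMAC token format, the signing key and the NEEDS_HUMAN policy are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

SIGNING_KEY = b"constructed-demo-key"     # assumption: known only to the orchestration layer
NEEDS_HUMAN = {("deploy", "production")}  # assumption: actions gated on a human approval

def _sign(body: bytes) -> str:
    return hmac.new(SIGNING_KEY, body, hashlib.sha256).hexdigest()

def issue_token(agent_id, action, target, ttl=300, approved_by=None, now=None):
    """Issue a token valid for one (action, target); gated actions need an approver."""
    if (action, target) in NEEDS_HUMAN and not approved_by:
        raise PermissionError(f"{action} on {target} requires human approval")
    now = time.time() if now is None else now
    claims = {"sub": agent_id, "act": action, "tgt": target,
              "exp": now + ttl, "apr": approved_by}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    return body.decode() + "." + _sign(body)

def authorize(token, action, target, now=None, audit=None):
    """Verify signature, expiry and scope at the protected system; log the decision."""
    now = time.time() if now is None else now
    reason = "ok"
    try:
        body, sig = token.rsplit(".", 1)
        if not hmac.compare_digest(sig, _sign(body.encode())):
            reason = "bad signature"
        else:
            claims = json.loads(base64.urlsafe_b64decode(body))
            if now >= claims["exp"]:
                reason = "expired"
            elif (claims["act"], claims["tgt"]) != (action, target):
                reason = "out of scope"
            elif (action, target) in NEEDS_HUMAN and not claims["apr"]:
                reason = "no human approval"
    except (ValueError, KeyError):
        reason = "malformed"
    if audit is not None:
        audit.append({"action": action, "target": target, "decision": reason, "at": now})
    return reason == "ok"
```

A token issued for a deploy to test fails the scope check when the agent presents it for a production deploy, which is the interception the coding-agent scenario lacked.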
We are seeing governance move from a traditional compliance role to an active monitoring and enforcement capability. Cybersecurity is now the critical component of the orchestration layer, ensuring organizations can respond to the 130-fold identity explosion while limiting risk.
“In the agentic era, we must stop asking if we can trust the agent’s ID, and start building the orchestration layer that ensures we never have to trust its judgment alone.”
Join the Conversation at The Business of AI
We are entering a 130-fold identity explosion, and the rules of the game are changing weekly. Don’t navigate the agentic frontier alone.

