Agentic AI and the Identity Governance Gap

Agentic AI adoption is hindered by identity governance issues. Without advanced IAM systems, enterprises struggle to manage non-human identities, limiting AI deployment.

Agentic AI systems, capable of performing tasks ranging from medical transcription to manufacturing quality control, introduce a profound structural challenge: identity governance. These systems generate non-human identities, creating difficulties for enterprises in managing them at the required machine speed. The current infrastructure was built for human identities, and as a result, remains inadequate for the capabilities of agentic AI.

Jeetu Patel, Cisco President, noted during the RSAC 2026 conference that while 85% of enterprises are experimenting with AI agent pilots, only 5% have advanced to full production. This disparity highlights a significant trust issue concerning which agents have access to sensitive systems and accountability for actions taken.

Architectural Trust Challenges

Michael Dickman of Cisco emphasizes that the gap is not due to model capability limitations but rather the architecture of identity governance. Contrary to typical technology transitions where security is often an afterthought, trust must be integral from inception. Dickman outlines four core conditions for establishing trust: secure delegation, cultural readiness, token economics, and human judgment. Each condition requires a shift from traditional IAM systems to those capable of handling the nuanced requirements of agentic AI.

Secure Delegation and Cultural Readiness

Secure delegation involves defining precise actions each agent is allowed to perform and ensuring a chain of human accountability. Meanwhile, cultural readiness involves rethinking workflows. Agents can process alerts at scale, presenting an opportunity to redesign work processes, thus altering organizational culture.

Token Economics and Human Judgment

Token economics refers to the computational cost associated with each agent action. Dickman suggests hybrid architectures where AI handles reasoning while deterministic software performs execution. Human judgment remains critical, as seen when an AI tool produced a 60-page product document requiring significant human refinement.

Network-Based Visibility

Current observability tools offer fragmented views, leading to incomplete insights. Networks, however, can capture real data communications, providing clearer cross-domain views necessary for effective policymaking. This capability is crucial as IoT and AI expand, with systems increasingly generating sensitive data requiring stringent access controls.

Breaking Down Siloed Data

The strategic challenge lies in data sequencing. Independent teams often build agents over siloed data, missing cross-domain insights. Effective integration across networks is essential for realizing the full potential of AI technologies, thereby addressing this common pitfall.

Agentic AI Trust Framework

Dickman’s framework involves a comprehensive review of identity governance, emphasizing ‘slow governance, rapid enforcement.’ Essential to this is agentic IAM—assigning each agent a human owner and clear permitted actions. This feeds into microsegmentation, a network-enforced approach that limits access and potential damage from compromised agents.

Practical Priorities for Deployment

Before deploying agents, enterprises should align cross-functional teams, ready IAM and PAM systems, adopt platform networking strategies, employ hybrid architectures, and establish trust-centric use cases. These steps ensure a robust governance framework that facilitates agent deployment and operational efficiency.

The enterprises resolving these identity governance gaps will advance their agentic AI deployments faster than their counterparts, establishing a trust architecture that supports rapid scaling and integration of new agents.

Monitoring continues.