
New Delhi, June 1 -- As enterprises embrace AI at scale, the security conversation is shifting from models and data to identities and access. The rise of AI agents, APIs and non-human identities is expanding the attack surface and creating new governance challenges. In an interaction with TechCircle, Subhalakshmi Ganapathy, Chief IT Security Evangelist at ManageEngine, a division of Zoho Corporation, discusses why identity is becoming the new security perimeter and what organisations must do to manage AI risk. Edited excerpts:
What do you think are the biggest security blind spots organisations overlook when becoming AI-first?
One of the biggest blind spots is delegated privilege through autonomous agents. Enterprises have mature offboarding processes for employees, but AI agents and automated workflows often retain inherited permissions, API tokens or service-level access even after their human owners change roles or leave. Another misconception is that automation automatically creates control. In reality, AI deployments can expand privilege footprints faster than governance can keep pace. Organisations need to treat AI agents as first-class identities, with clear ownership, least-privilege access, time-bound permissions, continuous entitlement reviews and automated de-provisioning. Without that discipline, risk simply shifts into non-human identity pathways.
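As an added worked example (not from the interview, and not ManageEngine's or Zoho's code), the lifecycle controls named above can be expressed as a small registry of non-human identities with an accountable owner, a time-bound grant and a declared purpose; an offboarding event for the owner, an expiry sweep and an entitlement review then all run against the same record. The agent names, owners, scopes and the required-scope map are hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional, Set

@dataclass
class AgentIdentity:
    name: str
    owner: str                       # human accountable for this agent
    scopes: Set[str]                 # permissions actually granted
    expires_at: datetime             # time-bound grant; must be renewed explicitly
    active: bool = True
    revoked_reason: Optional[str] = None

# Hypothetical least-privilege baseline: what each agent's declared purpose needs.
REQUIRED_SCOPES = {
    "invoice-summariser": {"billing:read"},
    "ticket-router": {"tickets:read", "tickets:assign"},
    "report-bot": {"reports:read"},
}

NOW = datetime(2025, 6, 1, tzinfo=timezone.utc)

def build_registry(now=NOW):
    """Constructed sample registry (hypothetical agents, owners and scopes)."""
    return [
        AgentIdentity("invoice-summariser", "alice", {"billing:read"}, now + timedelta(days=30)),
        AgentIdentity("ticket-router", "bob",
                      {"tickets:read", "tickets:assign", "billing:write"}, now + timedelta(days=30)),
        AgentIdentity("report-bot", "carol", {"reports:read"}, now - timedelta(days=1)),
    ]

def revoke(agent, reason):
    agent.active = False
    agent.revoked_reason = reason

def offboard_owner(registry, user):
    """Human offboarding also disables every agent that user owned."""
    revoked = []
    for a in registry:
        if a.active and a.owner == user:
            revoke(a, f"owner {user} offboarded")
            revoked.append(a.name)
    return revoked

def expire_grants(registry, now):
    """Time-bound grants lapse automatically instead of living on indefinitely."""
    revoked = []
    for a in registry:
        if a.active and a.expires_at <= now:
            revoke(a, "grant expired")
            revoked.append(a.name)
    return revoked

def entitlement_review(registry):
    """Report scopes an active agent holds beyond what its purpose requires."""
    findings = {}
    for a in registry:
        if not a.active:
            continue
        excess = a.scopes - REQUIRED_SCOPES.get(a.name, set())
        if excess:
            findings[a.name] = sorted(excess)
    return findings

def run_governance_cycle(now=NOW, offboarded=("alice",)):
    """One scheduled pass: offboarding, expiry, then entitlement review."""
    registry = build_registry(now)
    result = {"offboarded": [], "expired": [], "over_scoped": {}, "active": []}
    for user in offboarded:
        result["offboarded"] += offboard_owner(registry, user)
    result["expired"] = expire_grants(registry, now)
    result["over_scoped"] = entitlement_review(registry)
    result["active"] = sorted(a.name for a in registry if a.active)
    return result

if __name__ == "__main__":
    print(run_governance_cycle())
```

In the sample, alice's departure disables her agent, report-bot's lapsed grant is revoked without anyone noticing it first, and the review surfaces that ticket-router holds `billing:write` it does not need. The point is that all three controls key off the same identity record, so an agent cannot fall out of the offboarding path simply because it is not a person.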
How should security thinking evolve when enterprise assets now include AI models, training data, APIs, prompts and autonomous agents?
Security must move beyond a perimeter-centric approach towards a trust-and-control model. AI introduces dynamic assets such as prompts, model behaviour, orchestration chains, tool-call permissions and data lineage, all of which influence decision-making. The challenge is no longer just securing infrastructure, but ensuring decision pathways are constrained, observable and reversible. Privacy and compliance must also be embedded into the architecture through controls for consent management, retention limits, purpose-bound data usage, and deletion or unlearning processes. Securing AI assets requires both technical safeguards and governance frameworks.
Which stage of the AI pipeline represents the most underestimated vulnerability today?
The most underestimated risk lies in runtime identity and execution control, particularly around service accounts, connectors, tokens and agent credentials. When these identities are over-privileged or poorly monitored, attackers do not need to compromise the AI model itself. They can exploit trusted pathways to access sensitive data or trigger legitimate-looking actions. Similar to cloud-era misconfigurations, these issues are often accidental but can have serious consequences. Organisations should prioritise ownership mapping, credential hygiene, behavioural baselining, anomaly detection and automated revocation mechanisms.
As AI systems increasingly operate autonomously, how can organisations embed accountability and governance?
Accountability must be built into the architecture rather than treated as a compliance exercise. A practical approach is decision tiering. Low-impact actions can be fully automated, medium-impact actions can require policy checks, while high-impact decisions should involve human approval. This preserves efficiency while ensuring oversight where the consequences are significant.
Governance also requires policy-as-code guardrails, explainability metadata, immutable audit trails, traceable decision logs and emergency kill switches. Every autonomous decision should be attributable, reproducible and contestable.
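The decision tiering and guardrails described in the two answers above, as an added example that is not part of the interview and not any vendor's product: a small policy-as-code gate that classifies each tool call by impact tier, automates low-impact calls, runs policy checks on medium-impact ones, holds high-impact ones for a recorded human approval, honours a kill switch, and writes every decision to a hash-chained audit trail that can later be verified. The tool catalogue, tier assignments and policy rules are hypothetical.

```python
import hashlib
import json

# Hypothetical impact classification of the tools an agent may call.
TOOL_TIERS = {
    "search_kb": "low",
    "update_ticket": "medium",
    "export_customer_list": "medium",
    "grant_admin_role": "high",
    "wire_transfer": "high",
}

# Policy-as-code checks applied to medium-impact actions (hypothetical rules).
def policy_scope(req):
    return req["tool"] in req["scopes"], "tool outside granted scope"

def policy_classification(req):
    return req["args"].get("classification") != "restricted", "restricted data"

MEDIUM_POLICIES = [policy_scope, policy_classification]

class Guardrail:
    def __init__(self):
        self.kill_switch = False
        self.audit = []          # append-only; each entry commits to the previous hash

    def _record(self, req, tier, decision, reason):
        prev = self.audit[-1]["hash"] if self.audit else "0" * 64
        entry = {"seq": len(self.audit), "agent": req["agent"], "tool": req["tool"],
                 "args": req["args"], "tier": tier, "decision": decision,
                 "reason": reason, "prev": prev}
        entry["hash"] = hashlib.sha256(json.dumps(entry, sort_keys=True).encode()).hexdigest()
        self.audit.append(entry)
        return decision

    def decide(self, req, approval=None):
        tier = TOOL_TIERS.get(req["tool"], "high")   # unknown tools get the strictest tier
        if self.kill_switch:
            return self._record(req, tier, "deny", "kill switch engaged")
        if tier == "low":
            return self._record(req, tier, "allow", "low impact, automated")
        if tier == "medium":
            for check in MEDIUM_POLICIES:
                ok, why = check(req)
                if not ok:
                    return self._record(req, tier, "deny", why)
            return self._record(req, tier, "allow", "policy checks passed")
        # High impact: only proceeds with an explicit, attributable human approval.
        if approval and approval.get("tool") == req["tool"] and approval.get("approver"):
            return self._record(req, tier, "allow", f"approved by {approval['approver']}")
        return self._record(req, tier, "pending", "human approval required")

    def verify_audit(self):
        """Recompute the chain; any edited or removed entry breaks it."""
        prev = "0" * 64
        for e in self.audit:
            body = {k: v for k, v in e.items() if k != "hash"}
            digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
            if e["prev"] != prev or digest != e["hash"]:
                return False
            prev = e["hash"]
        return True

def demo():
    """Constructed sequence of agent requests (hypothetical agent and arguments)."""
    g = Guardrail()
    base = {"agent": "helpdesk-agent", "scopes": {"search_kb", "update_ticket"}}
    results = [
        g.decide({**base, "tool": "search_kb", "args": {"q": "vpn"}}),
        g.decide({**base, "tool": "update_ticket", "args": {"id": 42, "classification": "internal"}}),
        g.decide({**base, "tool": "export_customer_list", "args": {"classification": "restricted"}}),
        g.decide({**base, "tool": "wire_transfer", "args": {"amount": 50000}}),
        g.decide({**base, "tool": "wire_transfer", "args": {"amount": 50000}},
                 approval={"tool": "wire_transfer", "approver": "cfo"}),
    ]
    g.kill_switch = True
    results.append(g.decide({**base, "tool": "search_kb", "args": {}}))
    return results, g

if __name__ == "__main__":
    decisions, guard = demo()
    print(decisions, guard.verify_audit())
```

Every outcome, including denials and the pending state, is written to the trail with the reason, so each autonomous decision is attributable and reproducible; the chained hashes make after-the-fact edits detectable, and the kill switch short-circuits even low-impact calls.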
How can CIOs and CISOs integrate AI risk awareness into enterprise security strategies without slowing innovation?
AI adoption should follow a staged maturity model rather than a sprint deployment approach. Rapid rollouts often create hidden operational burdens, including governance gaps, duplicated workflows and greater incident-response complexity.
Security operations provide a useful example. Introducing AI-based alert triage in a single tool may reduce noise locally while the rest of the environment continues generating unmanaged alerts. Analysts are then forced to reconcile conflicting priorities. A better approach is platform-level integration supported by phased onboarding, risk-classification gates, policy baselines and clearly defined responsibilities. AI should be treated like a critical workforce member whose access, behaviour and responsibilities are continuously governed.
How can security teams move from reactive defence to predictive and adaptive security operations?
Predictive security begins with unified telemetry. Organisations need visibility across identity events, endpoints, cloud environments, APIs and AI runtime signals.
By correlating this information, security teams can identify weak signals earlier in the attack chain, including privilege-escalation attempts, lateral movement and unusual agent behaviour. Predictive operations also require continuous adversary simulations, control tuning, false-positive reduction and playbook refinement. The goal is adaptive defence, where AI accelerates detection and prioritisation while humans retain authority over critical containment decisions.
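As an added example (not part of the interview, and not any vendor's detection content), the behavioural baselining and anomaly detection named in the runtime-identity answer above and the cross-source correlation described here can be shown on constructed telemetry: identity events (role grants) and API events (tool calls) normalised to one schema, a per-identity baseline of tools, hosts and peak hourly rate, and a detector that correlates a fresh privilege grant with a never-before-seen action, flags access to new hosts, a call-volume spike and an identity with no baseline at all. All agent names, hosts, tools and timestamps are constructed for the example.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

def ev(source, identity, ts, **fields):
    return {"source": source, "identity": identity, "ts": datetime.fromisoformat(ts), **fields}

# Constructed baseline window: report-bot calls two tools on one host, twice per hour.
BASELINE_EVENTS = [
    ev("api", "report-bot", f"2025-05-{d:02d}T{h:02d}:{m:02d}:00", tool=t, host="api-01")
    for d in (26, 27, 28)
    for h in (8, 9)
    for m, t in ((5, "search_kb"), (35, "fetch_report"))
]

# Constructed live window: a role grant, then off-baseline behaviour, then an unknown identity.
NEW_EVENTS = [
    ev("identity", "report-bot", "2025-06-01T09:00:00", action="role_grant", role="admin"),
    ev("api", "report-bot", "2025-06-01T09:10:00", tool="list_users", host="api-01"),
    ev("api", "report-bot", "2025-06-01T09:20:00", tool="fetch_report", host="db-02"),
] + [
    ev("api", "report-bot", f"2025-06-01T09:{25 + i}:00", tool="search_kb", host="api-01")
    for i in range(5)
] + [
    ev("api", "shadow-agent", "2025-06-01T09:40:00", tool="fetch_report", host="api-01"),
]

def build_baseline(events):
    """Per-identity profile: tools and hosts seen, and peak calls in any one hour."""
    raw = defaultdict(lambda: {"tools": set(), "hosts": set(), "hourly": Counter()})
    for e in events:
        if e["source"] != "api":
            continue
        p = raw[e["identity"]]
        p["tools"].add(e["tool"])
        p["hosts"].add(e["host"])
        p["hourly"][e["ts"].replace(minute=0, second=0)] += 1
    return {i: {"tools": p["tools"], "hosts": p["hosts"],
                "peak_hourly": max(p["hourly"].values())} for i, p in raw.items()}

def detect(events, baseline, grant_window=timedelta(minutes=30), spike_factor=3):
    """Correlate identity and API events against the baseline; returns (kind, identity, detail)."""
    alerts = []
    last_grant = {}
    hourly = defaultdict(Counter)
    for e in sorted(events, key=lambda x: x["ts"]):
        ident = e["identity"]
        if e["source"] == "identity" and e.get("action") == "role_grant":
            last_grant[ident] = e          # kept for correlation with what follows
            continue
        if e["source"] != "api":
            continue
        prof = baseline.get(ident)
        if prof is None:
            alerts.append(("unknown_identity", ident, e["tool"]))
            continue
        if e["tool"] not in prof["tools"]:
            g = last_grant.get(ident)
            if g and e["ts"] - g["ts"] <= grant_window:
                alerts.append(("privilege_escalation_chain", ident,
                               f"{g['role']} granted, then {e['tool']}"))
            else:
                alerts.append(("new_tool", ident, e["tool"]))
        if e["host"] not in prof["hosts"]:
            alerts.append(("lateral_movement", ident, e["host"]))
        hour = e["ts"].replace(minute=0, second=0)
        hourly[ident][hour] += 1
        if hourly[ident][hour] == spike_factor * prof["peak_hourly"] + 1:   # fires once, on crossing
            alerts.append(("volume_spike", ident,
                           f"{hourly[ident][hour]} calls in hour vs baseline peak {prof['peak_hourly']}"))
    return alerts

def run():
    return detect(NEW_EVENTS, build_baseline(BASELINE_EVENTS))

if __name__ == "__main__":
    for a in run():
        print(a)
```

Seen in isolation, a new admin role or a single unfamiliar API call is weak signal; joined across the identity and API feeds, the grant followed within thirty minutes by a never-before-used tool is the escalation pattern worth an analyst's time. The detector only raises; containment of the agent stays a human decision, as the answer above argues it should.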
How do you see the AI-versus-AI security battle evolving over the next few years?
The AI security race will not be won by who deploys the most AI, but by who operationalises intelligence most effectively. Attackers currently have an advantage in speed because they operate with fewer constraints. Defenders, however, must balance speed with accountability. Over time, organisations will move from fragmented AI tools to integrated, context-rich security platforms. Success will depend on stronger identity governance, higher-quality telemetry, faster correlation and policy-compliant response automation.
What foundational security capabilities should organisations establish before scaling autonomous AI operations?
Three capabilities are essential: identity-centric security with comprehensive non-human identity governance; data and compliance integrity through classification, consent management, retention controls, and unlearning processes; and operational resilience through red-teaming, prompt-abuse simulations, fail-safe mechanisms, and incident-response exercises tailored for agentic systems. In fact, identity is now the operational perimeter. Organisations that secure identities, govern data and stress-test autonomous systems early will be better positioned to scale AI innovation without compromising trust, security or governance.
Published by HT Digital Content Services with permission from TechCircle.