Cisco's SVP Anthony Grieco confirmed that rogue agent incidents are frequent within their customer base, highlighting a critical authorization gap where agents, despite passing identity checks, access unauthorized data. The need for more granular control over agent permissions is emphasized, as many organizations are unprepared for the security challenges posed by the deployment of agentic capabilities, with nearly half of critical infrastructure being outdated and unpatched.
For professionals focused on AI deployment and security, the pressing issue is the "authorization gap" in AI agents, where agents are given excessive permissions by default. This stems from cloning human user profiles for agents, leading to permission sprawl. To address this, immediately stop cloning human accounts for agents and instead implement granular, time-bound permissions specific to each agent task, ensuring that agents only access the necessary data at the precise time needed.