TechChannels Expert Insights

Q&A: NetSkope Threat Researchers Discuss Governing AI in the Enterprise: Identity, Authorization, and the Next Security Frontier

Written by Teri Robinson | Jul 10, 2026 1:53:00 PM

As organizations move beyond AI experimentation into enterprise deployment, security leaders are confronting a new set of challenges. AI is no longer simply another application—it is becoming an active participant in business processes, interacting with data, third-party services, and autonomous agents.

While much of the industry's attention has focused on AI threats, Vini Egerland, Senior Staff Threat Research Engineer, and Dagmawi Mulugeta, Staff Threat Researcher at NetSkope, argue that the bigger issues remain governance, authorization, identity, and visibility.

Rather than treating AI as an isolated security problem, they emphasize that organizations should strengthen the foundational controls that govern users, applications, third-party providers, and machine identities. Egerland and Mulugeta mulled how AI is changing identity, why governance has become more important than ever, and why human behavior continues to present one of the greatest sources of enterprise risk.

Q. Has AI changed what organizations should prioritize?

Egerland: Six months ago, we were just watching closely to see what was going on. Now, we have some idea that things are not going to mature as fast as we thought. To me it became more obvious that it goes back to the basics. There are new challenges that we don't quite know but we had to come to the Infosec conference and talk about governance. As much as I like to talk about more juicy things, it's kind of the moment where we are with the new technology. It's still the same story but organizations are actually doing something about it. They're using enterprise-sanctioned apps instead of just letting users run with whatever they want.

Q. How is AI changing supply chain and third-party risk?

Mulugeta: The AI supply chain has highlighted how much organizations need to do—their vendor protocol, their vendor checklist. “Are you using any AIs that we can't use? If so, then you're kind of sending our data off there as well.” Organizations have extra checklists to make sure that whoever they choose to partner with is also compliant.

Egerland: There's a depth there as well with the third-party applications. For the past two years it's been straight-on supply chain. I don't think we're there yet in terms of being able to have that governance and that visibility. Now, we're going to start seeing threats around AI. We thought it was this linear relationship between a user and resource. Suddenly you have a third party and somewhere you have AI–actually it’s everywhere. We're talking about open-ended autonomous agents. I think that just compounds the effect that we're still catching up.

Q. What does identity mean in a world of AI agents?

Mulugeta: That's the challenge we're seeing. When you have users using these agents, is it an extension of the person? Or is it an additional member of the team? How do you treat the controls? How do you decide what to give it access to? How do you decide how to authenticate, authorize it? That's definitely an open-ended question. Organizations are tempted to give more and more and more access. Suddenly, the agent has the keys to the kingdom. Maybe there’s not malicious intent. Maybe it just incorrectly understood what you wanted. Then it takes down production.

Q. Why is authorization becoming more important than ever?

Egerland: The talk that we delivered here was a bit about authorization. We lean into the OAuth protocol. It is evolving right now to adjust for machine-to-machine transactions. Users are authorizing and they are passing their roles to it. All the permissions and privileges that come with roles. The trust that was given to users are given to agents. What do they do with that? Well, they solve problems. You just don't know which problems they're going to solve.

Q. Why does governance matter so much in the AI era?

Egerland: We highlighted two things during the talk. One was the need for governance. It's not a hot, exciting topic to talk about. Do you have visibility of what the agents are doing in your organization and outside your organization also? The authorization framework is so unclear right now. The complexity of this is going to increase. I think it's a matter of time.

Q. What makes AI agents difficult to control?

Mulugeta: They’re non-deterministic. The fact that an agent did the same thing right ten times doesn't mean that the eleventh time it's going to do the same.

Q. How will quantum computing affect enterprise security?

Egerland: I think every technology breakthrough is going to complicate things. The productivity pressure that we have around AI. We're going to have a new pressure. We need to migrate and prepare for Q-Day. At the very least, that's going to be a big catalyst.

Mulugeta: I think the idea of [quantum] making compute more efficient and easier might push it a little bit. We're still not there. Is it going to help? Yeah.

 

Q. What surprised you most in your recent research findings?

Egerland: Users are using more AI. Users are becoming AI power users. Everyone is forced to do so. There's a new group of power users being formed. The AI apps, though, don't cause more violations. But these users generate about three times more violations. The users continue to be there especially now and they're what's making it risky for organizations. That was a bit surprising to me.

Q. What do organizations often misunderstand about AI risk?

Mulugeta: You'd think that AI power users would be the ones that just raise all this concern. It's not the interactions with the AI that's concerning. They're concerning outside of the interactions with AI. If you focus on just monitoring the interactions with AI, that's not necessarily all you want to see. There are other things that also cause concern.

Egerland: Who would expect to have to train the power users? You’d think that you need to train the ones that are not.

The discussion highlights a pivotal shift in enterprise security. While AI introduces new capabilities, the underlying challenges remain rooted in governance, identity, authorization, and visibility. Rather than focusing solely on securing AI applications, organizations must rethink how trust is extended across users, agents, third-party providers, and autonomous systems.

Perhaps the most significant insight is that AI does not eliminate the importance of human behavior—it amplifies it. As AI power users become more prevalent and agents inherit human permissions and responsibilities, security leaders will need stronger governance models, more mature authorization frameworks, and continuous visibility into how identities—both human and machine—interact with enterprise data. Success in the AI era will depend not only on deploying new technologies but on strengthening the foundational controls that have always underpinned effective cybersecurity.