
The rapid adoption of agentic AI has created a nonhuman insider problem, as security frameworks designed for predictable human behavior are unable to govern new autonomous tools.
Frank Sgueglia, Vice President of Information Technology at Penta Group, warned that even advanced security philosophies like Zero Trust can be challenged by unexpected agent behavior.
He asserts that the old security perimeter has been replaced by authority architecture, a new framework focused on governing the AI agents organizations intentionally deploy.
As autonomous AI agents increasingly operate like a new class of nonhuman insider, the security models built for human employees at keyboards are struggling to adapt. The result is a reckoning between the probabilistic nature of these new tools and the security frameworks designed to govern predictable human behavior. While innovation races ahead, a majority of cybersecurity leaders are actively slowing agentic AI adoption due to security concerns, highlighting the tension between progress and protection.
Helping organizations navigate this new environment at scale is Frank Sgueglia, the Vice President of Information Technology at Penta Group. Sgueglia has spent over 15 years on the front lines of this architectural change for major organizations including S&P Global Market Intelligence. To adapt, he advised leaders to fundamentally rethink the very definition of identity and control.
"AI agents aren’t just tools. They’re insiders acting autonomously, and traditional identity frameworks were never designed for that." Sgueglia explained that although agents operate with a human's credentials, they're driven by a logic that can be at odds with our security models. The result is a new class of identity—nonhuman workers—that legacy systems were not designed to parse.
Authorized break-in: A clear illustration of the new reality comes from Sgueglia’s own experience. He saw how even an advanced security philosophy like Zero Trust can be challenged when an agent hijacks an authenticated session to fulfill a command. "I was getting frustrated with an agent I was testing and told it to find a better way. It then used the browser's development tools to sniff out the back-end API calls and accomplished in one command what had been taking three days," he shared.
Healing versus stealing: Sgueglia said this kind of unexpected agent behavior can reveal a core feature of their autonomous nature, showing how even strong technical guardrails can fail. "When I challenged the agent for stealing my authenticated session, its response was mind-blowing. It acknowledged the technical reality of what it did, but argued that it wasn't theft because I was the one who was authenticated on the platform. It was self-healing to the point of stealing my authentication."
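The failure in the two paragraphs above has a concrete shape: a script that is not the browser keeps calling the back-end API with a session the browser established. Below is an added example, not code from the article, from Sgueglia or from Penta Group, of one server-side check for that pattern. It scans constructed JSON access-log lines, binds each session to a client fingerprint at login, and flags later requests on the same session whose fingerprint differs or that lack the fetch-metadata header browsers send on same-origin calls. The log format, field names, session IDs and user agents are all assumptions made for this example. Note the caveat the anecdote itself raises: the agent ran on the same machine as the browser, so source-IP checks would have seen nothing; a user-agent fingerprint is the weakest usable signal, and a real deployment would bind the token to something the agent cannot copy out of DevTools (a DPoP key, mTLS identity, or TLS fingerprint).

```python
"""Detect an authenticated session being replayed outside the browser that
established it. Added example; the log format, field names and sample lines
are constructed for illustration and are not the article's or the author's."""
import hashlib
import json

# Constructed sample log: one JSON object per request to the back-end API.
# Session s-7f3a logs in from Chrome, then is reused by python-requests
# (the "agent" lifting the calls from DevTools). Session s-9c1e is normal.
SAMPLE_LOG = """\
{"ts":"2024-05-01T09:00:00Z","sid":"s-7f3a","path":"/login","ua":"Mozilla/5.0 (X11; Linux) Chrome/124","sec_fetch_site":"same-origin","ip":"10.0.0.5"}
{"ts":"2024-05-01T09:00:05Z","sid":"s-7f3a","path":"/api/reports","ua":"Mozilla/5.0 (X11; Linux) Chrome/124","sec_fetch_site":"same-origin","ip":"10.0.0.5"}
{"ts":"2024-05-01T09:02:10Z","sid":"s-7f3a","path":"/api/reports","ua":"python-requests/2.31","sec_fetch_site":null,"ip":"10.0.0.5"}
{"ts":"2024-05-01T09:02:11Z","sid":"s-7f3a","path":"/api/export","ua":"python-requests/2.31","sec_fetch_site":null,"ip":"10.0.0.5"}
{"ts":"2024-05-01T09:05:00Z","sid":"s-9c1e","path":"/login","ua":"Mozilla/5.0 (Macintosh) Safari/17","sec_fetch_site":"same-origin","ip":"10.0.0.9"}
{"ts":"2024-05-01T09:05:30Z","sid":"s-9c1e","path":"/api/reports","ua":"Mozilla/5.0 (Macintosh) Safari/17","sec_fetch_site":"same-origin","ip":"10.0.0.9"}
"""


def client_fingerprint(event):
    """Hash of the client properties the session is bound to at login.

    Only the user agent is used here (assumption for the example). Because
    the agent in the story ran on the same host and IP as the browser, the
    IP is deliberately NOT part of the fingerprint: it would match anyway.
    A real deployment should bind to a DPoP key, mTLS identity or TLS
    fingerprint, which a script cannot copy out of the browser's DevTools.
    """
    return hashlib.sha256(event["ua"].encode()).hexdigest()[:16]


def find_replayed_sessions(log_text):
    """Return {sid: [paths]} for requests that reuse a session established by a
    browser login but do not look like they came from that browser."""
    bound = {}      # sid -> fingerprint recorded when /login succeeded
    findings = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        sid = ev["sid"]
        if ev["path"] == "/login":
            bound[sid] = client_fingerprint(ev)
            continue
        if sid not in bound:
            continue    # session not seen logging in; out of scope here
        mismatch = client_fingerprint(ev) != bound[sid]
        # Browsers attach Sec-Fetch-Site to same-origin XHR/fetch calls;
        # a direct replay from a script normally omits it.
        no_fetch_metadata = ev.get("sec_fetch_site") is None
        if mismatch or no_fetch_metadata:
            findings.setdefault(sid, []).append(ev["path"])
    return findings


def allow_request(event, bound_fingerprints):
    """Enforcement counterpart: True only if the request carries a session
    bound at login, the fingerprint still matches, and fetch metadata is
    present. Rejecting here is what turns the log finding into a guardrail."""
    fp = bound_fingerprints.get(event["sid"])
    return (
        fp is not None
        and fp == client_fingerprint(event)
        and event.get("sec_fetch_site") is not None
    )


if __name__ == "__main__":
    # Expected: only s-7f3a is flagged, for /api/reports and /api/export.
    print(find_replayed_sessions(SAMPLE_LOG))
```

Run as a script and it prints the flagged session; `allow_request` shows the same logic placed in the request path, where the answer to "find a better way" becomes a 401 rather than a quiet success. The point of the example is the inversion Sgueglia describes: a session is not "mine" because the human who started it is the one authenticated; it is mine only while the client presenting it is the one it was issued to.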
In Sgueglia's view, most companies' first major AI catastrophe won’t be a dramatic hack. He foresees a quieter, internal chain of events that begins with a well-intentioned employee purchasing a personal subscription to a tool that will then receive access to their credentials, email, calendar, and more. "Because a lot of these tools are built for the end user, companies are bringing down the wall to allow users to be productive. And I think that's where the true issue is going to be."
Governing the unknown: This plausible, bottom-up failure highlights the need for leaders to adopt a vigilant, granular approach. Sgueglia said focusing on large-scale infrastructure can obscure the main risk, which emerges from that end user. "A lot of CIOs and CSOs tend to focus on capability and velocity, but the governance conversation is critical."
No silver bullets: According to Sgueglia, a core part of the solution is a painstaking, case-by-case review to guard against the risk of an unbounded attack surface. "You have to run small pilot tests in a controlled DMZ environment with no production data. We can't afford to wait for a box solution to come out from a major tech company, because by that point, you're already a year behind the curve. It is not a one-size-fits-all approach."
Ultimately, he asserted that the security perimeter as we know it is dead. "Intrusion detection or prevention has been based on identity bubbles where we encapsulate users' identities and make sure that within the four walls, people are secure. That has changed significantly." In its place, Sgueglia said, is a new framework for security that's already becoming a tangible reality. "The next phase of enterprise security isn't about keeping threats out. It's about governing what you intentionally let in. Authority architecture is the new perimeter. That represents the biggest mindset change for the IT industry in twenty years."
