Security isn’t just a priority for modern enterprises — it’s a mandate. Even the SEC now requires organizations to disclose how they are bolstering security in their annual reports.
In their book, “Rewired,” McKinsey consultants Eric Lamarre, Kate Smaje and Rodney Zemmel highlight the critical role of digital trust in today’s business landscape. Key themes include safeguarding consumer data, fortifying cybersecurity, ensuring trustworthy AI solutions and maintaining transparency in AI and data practices.
But how will AI and generative AI reshape the security game? Can they level the playing field against bad actors? To uncover the answers, I spoke with Andrew Moore, VP of product at SailPoint, about the transformative potential for CIOs and CISOs.
Generative AI Agents Bring Big Potential
Is the attention on GenAI agents warranted?
“Anytime a paradigm-shifting technology like generative AI unlocks the imagination, attention is certainly warranted,” said Moore, adding, “I believe we are still very early in understanding the types of industries and use cases that will truly transform through the help of these new technologies.
“I like to borrow a phrase from our CEO and Founder Mark McClain to explain our approach. We’ve been working with AI since the inception of our cloud business. With generative AI, we like to say that we’re proceeding aggressively — with caution. The potential of these agents to automate complex decision-making processes, personalize user experiences and improve productivity is significant, but we aim to progress methodically with an eye toward privacy and enablement. There are plenty of challenges and sharp edges remaining for companies with regards to data privacy, security risk and lack of clear use cases that deliver customer value.”
Where can intelligent agents impact how businesses protect themselves?
Without question, AI is both an opportunity and a risk. So, what is the opportunity? It’s human-inclusive, as David De Cremer argued.
Moore explained, “AI can sift through enormous amounts of data and recognize patterns indicative of a threat. My company is focusing on our AI-infused features by reducing the need for people to perform monotonous, repetitive tasks while improving a company’s security posture.
“While some companies may try to automate humans out of the loop, we want to empower users. AI agents can automate monitoring and responses to anomalies, but based on early customer feedback, and our own vision of the future, we believe the human/machine team (augmentation) is much more effective than an autonomous AI Agent.”
Where AI Agents Fit Into Security Strategies
What scope of work will agents be able to take on across the security landscape?
According to Moore, “we currently have two types of work our AI Agent operates across.
- ‘Knowledge and Discovery,’ where our AI Agent helps users discover answers and insights regarding product data, functionality and capabilities.
- ‘Assistant,’ which connects users to relevant places within Identity Security Cloud and conducts specific, directed actions on behalf of the user like generating a workflow.
“We have existing features which offer recommended actions to take, spot outliers and incorporate activity data insights into the product. While these could all be future capabilities within our AI Agent, we surface all these now within the product.”
How could agents better protect data?
Without question, internal or external bad actors have the advantage. As a friend once said to me, they have unlimited time and resources. Can agents redress the balance?
Moore said, “AI agents can take autonomous action to rectify what they deem inappropriate access. Currently, we see the most valuable AI agent actions being to the ‘left of the bang’ (preventative actions), focusing on actions that can steadily make a system more secure over time versus taking real-time autonomous actions in the midst of a potential cyber-attack.
“While not an AI agent, our first GenAI feature that has been in production since April generates entitlement descriptions from the entitlement name. This provides administrators with crucial context, helping them make informed decisions about access rights and forms a solid security foundation for our other AI tools. We plan to pursue GenAI features that assist an admin to make the ‘best’ decisions for their own program instead of cutting that admin out of the process.”
AI Agents Mean Changes for Data Stewards and CISOs
In five years, how will agents change how security is done and implemented?
“We predict that agents will have to be governed with the same processes and standards that we currently use for humans and bots,” said Moore. “Today, there are access control gaps opened with unlocking AI agents on your enterprise data. They may not be securing access at the point of interaction with the model or during the agent’s retrieval and improved learning.
“The human/AI agent relationship will continue to evolve and make security easier in some respects, but the fundamentals of identity security will make up the foundation of any good identity security program.”
How will agents impact the roles of data stewards and CISOs long-term?
“Agents will likely continue to move the role of data stewards and CISOs from operational to strategic,” said Moore.
“For example, data stewards will oversee AI-driven systems, ensuring compliance based on evolving organizational needs. CISOs will be empowered by real-time insights and predictive analytics, enabling them to focus on strategic risk management and become orchestrators of automated security frameworks rather than repetitive, monotonous day-to-day security operations.
“Agents will need to be governed though, and a completely autonomous future is still further on the horizon than what some may be predicting.”
How excited are CISOs and CIOs for this line of investment?
“In conversations we’re having, C-Suite executives are cautiously optimistic,” said Moore. “We have seen customers’ number one GenAI concern being with how their data is secured and protected. The novelty and utility of the feature is a distant second.
“It’s important for vendors to be open about their infrastructure, clear on how data is being used and protected and transparent to company AI councils. Vendors also need to continue to innovate and evolve to provide tangible customer value, but that evolution shouldn’t be at the expense of risking a company’s data. It’s understandable that CISOs and CIOs are cautious as different companies have different approaches to the speed/risk of innovation.”
Parting Words: The Blend of AI and Security
AI and generative AI are reshaping enterprise security just like they are reshaping how business operates. While these technologies can revolutionize threat detection, automate responses and empower human decision-makers, their success hinges on thoughtful implementation, robust governance and unwavering transparency.
As CISOs and CIOs navigate this landscape, their goal should be not just to leverage AI, but to build a future where security is seamless, proactive and human-centric. In this evolving era, trust and innovation must go hand-in-hand to secure the enterprise for tomorrow’s threats.