Analyst(s): Krista Case
Publication Date: June 18, 2025

As autonomous AI agents increasingly integrate into enterprise workflows, traditional data and identity security practices are being outpaced by the complexity, scale, and fluidity of these systems. Organizations must adopt dynamic, embedded security strategies that can govern ephemeral agent behaviors and protect sensitive data in real time. Vendors have an urgent opportunity to deliver agent-native security capabilities that empower enterprises to stay ahead of emerging threats.

Key Points:

• Vendors should embed data classification, tagging, and encryption into AI agent pipelines to proactively prevent data leaks and support compliance in sensitive industries such as healthcare and finance.
• AI agents must be managed as first-class identities with just-in-time access, credential rotation, and telemetry monitoring to reduce the risk of misuse or compromise.
• Support for identity federation, delegation, and behavior analytics is essential to detect and respond to potentially malicious AI agent activity across complex workflows.

Overview:

Figure 1: AI and the Cybersecurity Skills Gap

Autonomous AI agents are poised to transform enterprise operations—automating decision-making, collaborating across systems, and interacting dynamically with data and services. However, this evolution also introduces profound new security challenges. Chief among them are the expanding attack surface of sensitive data and the need to rethink identity security in a world where agents, not just humans or machines, must be treated as trusted (or untrusted) actors. Enterprises and security vendors must rapidly adapt to ensure that security evolves in lockstep with agentic adoption.

Data Security: An Expanding and Ephemeral Attack Surface

As AI agents communicate, reason, and take action with increasing autonomy, they generate, consume, and transmit large volumes of sensitive data. These workflows are fluid and distributed, often crossing traditional organizational or trust boundaries. That means data could be exposed not just in final outputs but also in intermediate forms—such as prompts, memory states, logs, and cached inputs—that agents rely on to function. Open protocols such as the Model Context Protocol (MCP) facilitate observability, but without agent-native security controls, they also introduce new vectors for data leakage.

To secure these workflows, vendors must build data protection capabilities into the AI agent pipeline itself. That includes supporting embedded data classification, tagging, and encryption that follows the data throughout its lifecycle. This enables visibility, auditability, and policy enforcement at every stage—critical for maintaining compliance in highly regulated environments such as healthcare and financial services.

Identity Security: Agents as First-Class Entities

AI agents don’t conform to static identity models. They may be ephemeral, spin up dynamically, assume different roles based on context, and traverse trust boundaries in ways that legacy identity systems aren’t equipped to manage. This undermines traditional constructs such as role-based access control or long-lived credentials. If compromised, an AI agent could impersonate trusted systems or inject malicious data into decision-making processes, compounding enterprise risk.

Vendors must enable enterprises to treat agents as first-class identities, complete with policies for just-in-time, least-privilege access, continuous telemetry and behavior monitoring, and dynamic credential management. Identity governance must become real-time, context-aware, and responsive, capable of understanding agent intent, evaluating risk on the fly, and revoking access immediately if trust thresholds are violated.

The Competitive Imperative

Vendors that lead in embedding data and identity safeguards into agent workflows will be best positioned to capitalize on AI-driven transformation. That includes enabling seamless identity federation, supporting behavior analytics, and tightly integrating with broader security infrastructure (e.g., SIEM, DLP, and XDR). Organizations are watching closely: only 60% of cybersecurity teams currently feel equipped to address AI-specific security risks, and that number may fall as complexity grows. By acting now, vendors can empower enterprises to secure the future, rather than react to its fallout.

The full report is available via subscription to Futurum Intelligence’s Cybersecurity & Resilience IQ service—click here for inquiry and access.

Futurum clients can read more in the Futurum Intelligence Platform, and non-clients can learn more here: Cybersecurity & Resilience IQ.

About the Futurum Cybersecurity & Resilience Practice

The Futurum Cybersecurity & Resilience Practice provides actionable, objective insights for market leaders and their teams so they can respond to emerging opportunities and innovate. Public access to our coverage can be seen here. Follow news and updates from the Futurum Practice on LinkedIn and X. Visit the Futurum Newsroom for more information and insights.

Author Information

Krista Case

With a focus on data security, protection, and management, Krista has a particular focus on how these strategies play out in multi-cloud environments. She brings approximately 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.

Prior to joining The Futurum Group, Krista led the data protection practice for Evaluator Group and the data center practice of analyst firm Technology Business Research. She also created articles, product analyses, and blogs on all things storage and data protection and management for analyst firm Storage Switzerland and led market intelligence initiatives for media company TechTarget.