Zero trust for humans – but implicit trust for machines?
https://www.raconteur.net/technology/zero-trust-for-humans-but-implicit-trust-for-machines
Publish Date: 2026-03-29 09:23:00
Source Domain: www.raconteur.net
New research has revealed the extent to which the zero trust framework, developed to reduce risk across enterprises, is under pressure as AI adoption outpaces security governance. In 65% of organisations, zero trust controls cannot secure non-human identities (NHIs), including new agentic AI systems.
AI agents offer clear advantages, from generating content and retrieving information to triggering downstream actions. However, they too often run unsupervised and without guardrails, increasing the risk of data leaks, credential compromise and wider operational disruption. The fact that they operate with fewer checks than their human colleagues should ring alarm bells. According to Netskope’s AI Risk and Readiness Report 2026, which surveyed 1,253 cybersecurity professionals, 56% of enterprises acknowledge exposure to agentic AI risk. This is largely because AI tools operate autonomously in shadow mode, with organisations often only discovering what an agent has done after the action is complete.
Shadow AI risk grows
The scale of adoption is already significant: some 24% said agents were in limited production within their organisation, 9% had ungoverned agents operating at scale handling core business logic, and 23% suspected there to be shadow agentic AI deployments in operation, unknown to internal IT. In fact, 32% admitted that they have no visibility into agent actions at all.
“Organisations need a better understanding of the underlying technology and greater visibility into what they are giving up when they use agentic AI,” says Netskope’s CISO, James Robinson. “Too many enterprises are relying on legacy security models to secure this new technology.”
The principles of zero trust must evolve to account for non-human identities
AI agents often have broad access across enterprise systems and almost none of it can be meaningfully intercepted. They can also be prompted to perform unintended actions – for example,…