Agentic AI
,
Events
,
Governance & Risk Management
Accenture’s Kris Burkhardt on Governing Agents, Controlling Access, Managing Risk
Unlike human users, agents are ephemeral – sometimes active for mere seconds – yet they can inherit permissions, act on behalf of large groups and execute tasks, said Kris Burkhardt, CISO at Accenture.
See Also: How Cyber Deterioration Raises Enterprise Risk
Traditional identity and access management systems, built for the pace of human onboarding and offboarding, can’t operate at the speed or scale that agentic environments demand, Burkhardt said.
“Agents also don’t have the judgment that you have. If they stumble across data that they shouldn’t, they’re not going to report it – they’re going to use it,” Burkhardt said. Monitoring agent behavior at scale will require agents watching agents. Burkhardt said dedicated logging of agentic actions – separate from human activity logs – is the most practical near-term approach, with AI systems tasked to detect anomalies within those logs.
In this video interview with Information Security Media Group at RSAC Conference 2026, Burkhardt also discussed:
- Why enterprises must define their agentic identity strategy before selecting tooling;
- How attackers are using agentic AI to manage multiple attack vectors simultaneously and accelerate zero-day exploit deployment;
- Why modernizing technical debt and establishing a fail-fast experimentation culture are prerequisites for secure AI adoption.
Burkhardt leads a team of 800 security experts charged with protecting company, client and people data. He is accountable for security operations, client data protection, cyber risk reduction strategies, incident response, cybersecurity integration of acquisitions and an industry-leading behavioral change program.
Click Here For The Original Source.
