AI agents gain autonomy, raising trust issues in Zero Trust models as they often lack identifiable ownership and governance. Security risks emerge from “orphaned agents” with unchecked permissions, violating Zero Trust principles. To enhance security, organizations should apply NIST's AI Risk Management Framework with an identity-centric approach, ensuring every AI agent has a unique identity, defined owner, and lifecycle management. This redefines agentic AI from a risk to a governable entity, establishing trust through accountability and oversight.
https://www.bleepingcomputer.com/news/security/zero-trust-has-a-blind-spot-your-ai-agents/