In 2026, Southeast Asia's cybersecurity landscape is a digital battleground where AI-driven attacks and defences are in an arms race. The region's rapid digitalisation has seen AI agents become the fastest-growing identity type, yet they are often poorly governed, creating a massive attack surface.
This is the core of the new frontier: Agentic Identity. It is the shift from automated identity management to autonomous, self-defending systems where identity becomes the central control plane.
By certifying, governing, and monitoring AI agents in real-time, organisations can create an "adaptive identity" posture. This is no longer optional; it is essential for building trusted AI adoption and resilient digital economies across Southeast Asia's diverse regulatory environments.
Defining agentic identity
The rise of agentic identity marks a profound evolution in how organisations secure their digital ecosystems, particularly as AI agents—autonomous entities capable of independent decision-making—proliferate.
Chandra Gnanasambandam, executive vice president of product and chief technology officer at SailPoint, defines an AI agent as meeting three key criteria: "It's autonomous. It's goal-seeking — it has a goal and solves a problem. It has reasoning capabilities — it doesn't just follow prescribed algorithms; it can learn, adapt, and decide to try a different approach when one doesn't work."
He emphasises that these agents are "a new form of identity — a digital worker," akin to "interns: well-intentioned but not always doing the right thing, so you must pay close attention."
Agentic identity, therefore, involves treating these agents as identities that "must be governed and secured in the same way human identities are."
Quantifying risks in Southeast Asia
In Southeast Asia, where fragmentation across countries, local laws, and data-sovereignty requirements adds complexity, quantifying the risks posed by ungoverned AI agents is paramount.
Gnanasambandam outlines a three-part framework for this: first, discovery of all agents in the environment, including those run by employees, third-party partners, and contractors, as "risk comes from the unknown or unmanaged — what you don't know and don't see."
Second, mapping users and data entitlements for each agent: "Who are the users inside the organisation authorised to use it, and are they the right people? What critical data and application entitlements does that agent have access to, and should it have access?"
Third, extending governance to third-party humans and agents in the supply chain, where even mature corporations often falter. This approach is crucial in a region where supply chains span diverse jurisdictions, amplifying vulnerabilities.
He reiterates the point about AI agents: "They are a powerful force for innovation, but also introduce a new attack surface. With broad access to sensitive systems and limited oversight, they become prime targets for attackers."
Gnanasambandam identifies four foundational capabilities for an agentic identity control plane, insisting on a platform approach: "You cannot solve this with siloed products — one for discovery, one for certification, and so on. You need a single platform; it's the only way to govern and secure the agents of the future."
These include discovery ("You can't govern or secure what you don't know"), correlation and aggregation (linking agents to users and data), just-in-time and real-time authorisation (fine-grained access grants), and onboarding of all applications.
He observes that while a small percentage of organisations recognise this shift from "best-of-breed" to platform models, urgency is growing due to the "attack surface [that] has expanded exponentially."
Franck Vervial, regional CISO for APAC and MENA at L'Oreal, reinforces the need for automation in response: "In an era of agentic AI-driven attacks, such automation is not optional — it is essential for timely and effective response."
Such commentary highlights the gap in Asia, where rapid AI adoption outpaces security maturity.
Justifying investments
Justifying investments in agentic identity security requires framing it as a business enabler. Gnanasambandam advocates a dual narrative: "The left side is growth and innovation, and the right side is risk management."
He points to McKinsey's estimate of US$4.4 trillion in value from agentic systems, often through growth use cases like automating loan origination in banks to expand portfolios.
On risk, he asks: "What's the cost of a single breach caused by a compromised agent?" With agents outnumbering humans, exposure multiplies, as seen in past breaches like SolarWinds.
Todd Moore, vice president of data security products at Thales, echoes concern over escalating threats: "AI-powered attacks are becoming easier to deploy and are more effective."
A practical framework
Governments across ASEAN have issued lengthy AI frameworks, but Gnanasambandam distils a practical five-step process: discovery, correlation and aggregation, real-time authorisation, certification (extending human-like annual reviews to agents), and ongoing securing through monitoring. "The key is to execute all five within a single integrated platform," he stresses, as fragmented tools fail.
Observability is critical for distinguishing normal from compromised behaviour. SailPoint's identity graph maps access pathways with real-time telemetry: "You might see traffic from an agent accessing a data set it wasn't authorised to. That immediately signals anomalous behaviour." Emerging techniques include prompt security monitoring to detect suspicious intent.
Navigating data sovereignty
Data sovereignty complicates cross-border agent access. Gnanasambandam simplifies ASEAN frameworks: "Data about citizens within a country must stay in that country." Compute and data must co-reside, and sometimes operators too, demanding localised compliance. "Deals have become more complex because platform providers must ensure compliance with data-sovereignty and AI-regulation requirements in each jurisdiction."
Coupang's CISO for APAC, Brett Matthes, underscores the foundational role of security: "Any AI solution must be built on a bedrock of strong data security and privacy. Without this foundation, its intelligence is a vulnerability waiting to be exploited."
Building skills and scaling
Security teams need multidisciplinary skills — "business, technology, security, identity, AI, and data" — but talent shortages persist. Gnanasambandam champions platforms to ease this, with most organisations relying on managed security service providers (MSSPs), especially local ones for sovereignty compliance: "The model will be a combination of a robust platform... some critical in-house talent... and trusted MSSP partners."
Scaling remains a hurdle, as SailPoint's CTO admits: "The vast majority of organisations are not equipped to scale their identity infrastructure for agentic environments." Discovery falters, with some using ineffective surveys, and fine-grained authorisation is rare, eroding trust and slowing adoption.
The path to maturity
Looking to 2026's end-state, a mature agentic-identity programme enables "adaptive identity security," with complete discovery, real-time controls, certifications, and SOC integration. Gnanasambandam cautions it's a "two- to three-year journey," but achievable with the right platform:
"When an organisation achieves all of that, it reaches the adaptive-identity state. At that point, leaders can finally trust and govern their agents confidently, sleep well at night, and know their environment is secure."
In Southeast Asia's dynamic landscape, agentic identity empowers AI to defend itself, turning potential vulnerabilities into fortified defences.
Allan is Group Editor-in-Chief for CXOCIETY writing for FutureIoT, FutureCIO and FutureCFO. He supports content marketing engagements for CXOCIETY clients, as well as moderates senior-level discussions and speaks at events.