The Run-Time Review

We need to stop treating agents like features. There is a dangerous misconception that an AI agent is just a chatbot with a few extra buttons or a polished UI wrapper around an LLM. This view is not just wrong. It is a fundamental security and governance liability that creates blind spots in your architecture. An agent is a system. It is a complex, autonomous loop that operates with a level of independence we have never granted to software before. Unlike a standard microservice that executes a deterministic function when called, an agent decides if it will execute a function, how it will execute it, and what to do with the result. This is a paradigm shift. We are moving from deterministic code to probabilistic systems. And right now, we are procuring and deploying these systems with the same casual oversight we give to a UI update.

For decades, my focus has been squarely focused on securing data across the digital enterprise, tackling the foundational layers of access and trust. Having spent four years developing and scaling zero trust data security solutions at Votiro, and earlier, delivering critical Identity and Data security solutions during my time at IBM, I’ve witnessed firsthand how identity controls crumble under new technological pressures. We have learned to trust no user and no device.

We have all seen the headlines: AI agents promise to change everything. But, here’s the reality, from someone who’s been in the enterprise trenches since the early days of web transformation to the mad dash to the cloud, and now AI agents. Most companies can’t see control, or govern the AI that’s already running inside their IT environment.