Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label enterprise AI. Show all posts
IT Infrastructure
AI in cybersecurity AI Security Cyber Security Data protection data security Data security software enterprise AI IT Infrastructure

Rocket Software Research Highlights Data Security and AI Infrastructure Gaps in Enterprise IT Modernization

 

Stress is rising among IT decision-makers as organizations accelerate technology upgrades and introduce AI into hybrid infrastructure. Data security now leads modernization concerns, with nearly 70 percent identifying it as their primary pressure point. As transformation speeds up, safeguarding digital assets becomes more complex, especially as risks expand across both legacy systems and cloud environments. 

Aligning security improvements with system upgrades remains difficult. Close to seven in ten technology leaders rank data protection as their biggest modernization hurdle. Many rely on AI-based monitoring, stricter access controls, and stronger data governance frameworks to manage risk. However, confidence in these safeguards is limited. Fewer than one-third feel highly certain about passing upcoming regulatory audits. While 78 percent believe they can detect insider threats, only about a quarter express complete confidence in doing so. 

Hybrid IT environments add further strain. Just over half of respondents report difficulty integrating cloud platforms with on-premises infrastructure. Poor data quality emerges as the biggest obstacle to managing workloads effectively across these mixed systems. Secure data movement challenges affect half of those surveyed, while 52 percent cite access control issues and 46 percent point to inconsistent governance. Rising storage costs also weigh on 45 percent, slowing modernization and increasing operational risk. 

Workforce shortages compound these challenges. Nearly 48 percent of organizations continue to depend on legacy systems for critical operations, yet only 35 percent of IT leaders believe their teams have the necessary expertise to manage them effectively. Additionally, 52 percent struggle to recruit professionals skilled in older technologies, underscoring the need for reskilling to prevent operational vulnerabilities. 

AI remains a strategic priority, particularly in areas such as fraud detection, process optimization, and customer experience. Still, infrastructure readiness lags behind ambition. Only one-quarter of leaders feel fully confident their systems can support AI workloads. Meanwhile, 66 percent identify data accessibility as the most significant factor shaping future modernization plans. 

Looking ahead, organizations are prioritizing stronger data protection, closing infrastructure gaps to support AI, and improving data availability. Progress increasingly depends on integrated systems that securely connect applications and databases across hybrid environments. The findings are based on a survey conducted with 276 IT directors and vice presidents from companies with more than 1,000 employees across the United States, the United Kingdom, France, and Germany during October 2025.
Read more »
Todd Thiemann
ai agents authorization Cybersecurity enterprise AI Graham Neray identity management Oso Security Technology Todd Thiemann

The Rise of AI Agents and the Growing Need for Stronger Authorization Controls

 

AI agents are no longer confined to research labs—they’re now writing code, managing infrastructure, and approving transactions in real-world production. The appeal is speed and efficiency. The risk? Most organizations still use outdated, human-oriented permission systems that can’t safely control autonomous behavior.

As AI transforms cybersecurity and enterprise operations, every leap in capability brings new vulnerabilities. Agentic AI proves this clearly—machines act faster than people, but they also fail faster.

Traditional access controls were built for human rhythms. Users log in, complete tasks, and log off. But AI agents operate nonstop across multiple systems. That’s why Graham Neray, co-founder and CEO of Oso Security, calls authorization “the most important unsolved problem in software.” He adds, “Every company that builds software ends up reinventing authorization from scratch—and most do it badly. Now we’re layering AI on top of that foundation.”

The problem isn’t intent—it’s infrastructure. Most companies still manage permissions through static roles and hard-coded logic, which barely worked for humans. An AI agent can make thousands of changes per second, and one misstep can cause massive damage before anyone intervenes.

Pressure to prove ROI adds another layer of risk. Todd Thiemann, principal analyst at Omdia, explains, “Enterprise IT teams are under pressure to demonstrate a tangible ROI of their generative AI investments… Security generally, and identity security in particular, can fall by the wayside in the rush to get AI agents into production to show results.”

It’s tempting to give agents the same permissions as their human users—but that’s exactly what creates exposure. Thiemann warns, “AI agents lack human judgment and contextual awareness, and that can lead to misuse or unintended escalation.” For example, an agent automating payroll should never be able to authorize transfers. “Such high-risk actions should require human approval and strong multi-factor authentication,” he adds.

Neray believes the solution lies in designing firm, automated boundaries. “You can’t reason with an LLM about whether it should delete a file,” he says. “You have to design hard rules that prevent it from doing so.”

That means building automated least privilege systems—granting only temporary, task-specific access. Oso Security is helping companies move authorization from hard-coded systems to modular, API-driven layers. “We spent a decade making authentication easier with Okta and Auth0. Authorization is the next frontier,” Neray says.

As CISOs step in earlier to guide AI deployment, the goal isn’t to block innovation—but to make it sustainable. Limiting privileges, requiring human approval for critical actions, and maintaining audit trails are key.

Thiemann sums it up: “Minimizing those privileges can minimize the potential blast radius of any mistake or incident.”

AI doesn’t just change what’s possible—it redefines what’s safe. Machines don’t need more power; they need better permissions.
Read more »
Subscribe to: Comments (Atom)