In this episode of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler explore a pressing security shift: adversaries are increasingly bypassing traditional credential theft to exploit the AI systems already embedded within corporate environments. The hosts discuss how "agentic" AI solutions often operate with overprivileged non-human identities, granting bots excessive access to data and infrastructure that far exceeds their functional requirements.
This resurgence of "standing access" for machine accounts—a vulnerability CISOs thought they had mitigated—is being exacerbated by the rapid, near-universal adoption of AI development tools. Using real-world examples, ranging from inadvertent AI-generated discounts to the complex liability of autonomous vehicles, Chris and Ken illustrate the risks of prompt injection and data poisoning. The episode serves as a critical call to action for security teams: to treat AI agents with the same rigorous identity management and just-in-time provisioning standards historically reserved for human users before these misconfigurations lead to massive data exfiltration.
What is Cybersecurity Awesomeness Podcast?
The Cybersecurity Awesomeness Podcast from Enterprise Management Asscoaites (EMA) features cybersecurity experts Chris Steffen and Ken Buckler discussing critical cybersecurity issues. They cover everything from the challenges of certificate management and the cyber workforce talent shortage to deep. Available on all major platforms, this podcast offers credible, well-regarded insights into today's top security topics.