The Real Risks of Agentic AI in the Enterprise

As enterprises race to adopt AI, many are discovering that traditional security models no longer hold. In this episode of Data Security Decoded, host Caleb Tolin is joined by Camille Stewart-Gloster, CEO of CAS Strategies and former Deputy National Cyber Director, to unpack how AI is redefining cyber risk at every layer of the organization. Camille explains why identity-based attacks are so effective and how non-human identities (from APIs to AI agents) are quietly expanding the attack surface. She emphasized how critical MFA is for organizations to enable as they scale up AI operations., and why conditional access and governance must be foundational, not optional. The conversation also tackles ethical AI head-on. Camille argues that AI ethics and AI security are inseparable, and that removing humans from the loop introduces both legal and operational risk. From shadow AI to agent autonomy, she offers a clear-eyed framework for deploying AI systems that augment human teams rather than replace them. This episode is a practical guide for security leaders and learners navigating AI adoption, focused on resilience, trust, and long-term enterprise readiness. What You’ll Learn Why identity has become the dominant attack surface How AI agents and non-human identities increase risk Where EDR falls short in Identity-driven attacks Why AI ethics is foundational to AI security How governance enables secure AI deployment When AI should augment—not replace—security teams Episode Highlights [00:03:00] Cyber offense and the evolving national strategy [00:07:30] Identity eclipses malware as the primary threat [00:10:00] AI systems as high-value targets [00:12:30] Human judgment vs. automated response [00:14:00] The ethics–security connection [00:15:30] Why AI governance can’t be an afterthought