Events
,
RSAC Conference
,
RSAC Conference Videos
Cisco’s Matt Caulfield on Identity, Governance and Agent Risk
Artificial intelligence agents demand a new identity model as they combine machine speed with human-like access, said Matt Caulfield, vice president of identity and Duo Security at Cisco.
See Also: How Attackers Use AI to Outsmart Email Filters
Enterprises face rising risk as agents scale across systems and operate without predictable behavior. Traditional identity tools fail to address this hybrid nature, which creates gaps in governance and control.
Caulfield said organizations must treat agents as a distinct identity class within IAM systems. Each agent should link to a human owner and operate with constrained permissions. This structure creates accountability and limits unintended actions. As adoption grows, enterprises must shift from access-based controls to action-level enforcement under zero trust principles.
“Agents are non-deterministic. Trying to use the same tools that we had for machine identities or workload identities just breaks down almost entirely from day one,” he said.
To manage risk, Cisco promotes tight guardrails based on least privilege and continuous monitoring. Observability tools such as Splunk help track agent behavior across environments, and identity intelligence and AI defense capabilities add visibility and enforce policy. These controls help organizations manage thousands of agents while reducing exposure from over-permissioned access.
In this video interview with Information Security Media Group at RSAC Conference 2026, Caulfield also discussed:
- Why AI agents require a new identity classification in IAM;
- How zero trust must evolve from access to action-level control;
- The role of observability and least privilege in agent governance.
Caufield leads Cisco’s identity-driven security strategy and zero trust initiatives across enterprise environments. He joined Cisco after the acquisition of Oort, a venture-backed identity threat detection and response startup he founded in 2019. He is now focused on understanding how AI agents are reshaping the way organizations secure both human and non-human identities at scale.
By clicking here, you agree to receive contact from Cisco with offers, promotions and the latest news regarding its products and services. You can unsubscribe at any time. Click here to learn more.
by admin