Navigating the AI access control minefield

Rather like the early days of e-commerce, everyone seems to be ‘doing artificial intelligence’. IT leaders must now ensure these systems have secure access to enterprise data

Until recently, IT departments primarily focused on providing employees with the IT systems they needed to do their jobs, which meant identity and access management (IAM) systems were primarily human-centric.

Aditya Sood, vice-president of security engineering and artificial intelligence (AI) strategy at Aryaka, points out that this human-centric focus means identities are provisioned, authenticated and authorised using models such as role-based access control (RBAC) and multifactor authentication (MFA), where decisions are made at login time.

“Even with the evolution toward zero trust, the core assumption remains largely unchanged: identities are known, bounded and relatively stable,” he says.

Sood warns that the current IAM stack is misaligned with the fluid, autonomous nature of AI agents. “We are no longer just securing ‘users’; we are securing a massive, autonomous web of non-human identities [NHIs] that move at machine speed,” he says.

“Autonomous agents dynamically invoke tools, access APIs [application programming interfaces], generate sub-agents, and operate across multiple domains without direct human intervention. These agents often use shared credentials, ephemeral tokens, or implicit trust boundaries, leading to identity ambiguity, weak attribution and expanded attack surfaces,” adds Sood.

A modern identity stack for agentic systems

Because agentic AI systems need access to corporate IT systems to complete tasks, IT security leaders must ensure they are properly identified and given access only to the data they and the people they are working for are authorised to access. Here are some points to consider:  

  • Every AI agent must have a unique, verifiable identity tied to its origin to provide traceability, enabling organisations to understand who initiated an action and under what authority.
  • Agents should use short-lived, task-specific tokens that are automatically issued and revoked. This minimises exposure in case of compromise and aligns access strictly with the duration and scope of a task. It enforces the zero standing privileges (ZSP) principle.
  • Access decisions should be dynamic, based on real-time context, adapting continuously to the agent’s actions and location, ensuring tighter, more relevant control.
  • Agentic systems often involve multiple layers of delegation, which means a clear and enforceable chain of trust is required to track authority and limit how far and wide permissions can propagate.
  • Systems must continuously monitor agent actions, reassess risk and adjust permissions in real time. This helps detect subtle misuse, compromised workflows, or manipulated prompts that may not trigger traditional security alerts. 
  • A robust audit trail is essential for capturing who performed which action, through which agent, and with which tools to support incident response, and builds trust in autonomous systems by making their actions transparent and explainable.

Source: Aditya Sood, vice-president of security engineering and AI strategy, Aryaka
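As an added illustration of the token and delegation points above (not code from the article or from Aryaka), the sketch below issues short-lived, task-scoped tokens and lets a sub-agent token only narrow its parent's scopes and lifetime. The key, limits, scope names and the `issue`/`delegate`/`verify` helpers are hypothetical.

```python
import base64, hashlib, hmac, json, time

KEY = b"constructed-demo-key"  # assumption: a real deployment keeps this in a KMS/HSM
MAX_AGENTS = 2                 # assumption: a root agent plus at most one sub-agent
MAX_TTL = 300                  # assumption: seconds; no task token outlives this

def _sign(claims):
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    mac = hmac.new(KEY, body, hashlib.sha256).hexdigest().encode()
    return (body + b"." + mac).decode()

def verify(token, now=None):
    """Return the claims if the MAC is valid and the token is unexpired, else None."""
    now = time.time() if now is None else now
    try:
        body, mac = token.encode().rsplit(b".", 1)
    except ValueError:
        return None
    good = hmac.new(KEY, body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(mac, good):
        return None
    claims = json.loads(base64.urlsafe_b64decode(body))
    return claims if now < claims["exp"] else None

def issue(initiator, agent_id, task, scopes, ttl=MAX_TTL, now=None):
    """Root token: binds a uniquely named agent to whoever initiated the task."""
    now = time.time() if now is None else now
    return _sign({"chain": [initiator, agent_id], "task": task,
                  "scopes": sorted(scopes), "exp": now + min(ttl, MAX_TTL)})

def delegate(parent_token, sub_agent_id, scopes, ttl=MAX_TTL, now=None):
    """Sub-agent token: scopes may only narrow, expiry only shorten, depth is capped."""
    now = time.time() if now is None else now
    parent = verify(parent_token, now)
    if parent is None:
        raise PermissionError("parent token invalid or expired")
    if len(parent["chain"]) - 1 >= MAX_AGENTS:
        raise PermissionError("delegation depth limit reached")
    if not set(scopes) <= set(parent["scopes"]):
        raise PermissionError("sub-agent requested scopes the parent does not hold")
    return _sign({"chain": parent["chain"] + [sub_agent_id], "task": parent["task"],
                  "scopes": sorted(scopes), "exp": min(parent["exp"], now + ttl)})
```

The `chain` claim carries the initiator and every agent hop, so an audit record built from a verified token can state who started the task and through which agents it passed.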

IT security implications of enterprise AI

Although many organisations are still in the early stages of AI maturity, Jacob Connell, AI and automation engineer at Quorum Cyber, says one of the biggest challenges in this journey is integrating automation and AI securely into existing enterprise systems.

“As AI-driven attack surfaces expand, identity becomes a foundational control for securing automation and, critically, for limiting blast radius when things go wrong. Mistakes will happen; the goal of modern identity design is to ensure the impact is contained and recoverable,” he says.

According to Connell, AI is not just adding a new user type to identity and access management; it is forcing organisations to redesign identity as a continuous control plane for humans, workloads and agents alike.

Looking at traditional IAM, Connell says that once a user or service is authenticated and receives a token, that token could be replayed freely until expiry – sometimes for hours or days – without the platform rechecking whether anything important has changed about the subject’s standing. But he warns that “this model no longer holds”. 

Connell suggests IT security leaders should deploy a continuous evaluation model. Although a valid token is still necessary, when a token is presented, he says centrally defined policies should confirm that the subject and its context still meet all the requirements at that moment. Connell recommends checking whether the identity is still active, whether it has been flagged as high risk, whether the IP or location has changed unexpectedly, whether the device posture has degraded, and whether there is new threat intelligence that suggests a compromise, among other things.

“Evaluating these signals at the edge can significantly reduce the window of identity abuse,” he says. The approach applies equally to human users, machine workloads and emerging hybrid identities that are created by agentic AI acting either autonomously or on behalf of a user, such as when there is a human in the loop.
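The continuous evaluation checks described above, as an added example that is not from the article or from Quorum Cyber: the same valid token is re-evaluated on every presentation against current signals. The `Signals` fields, the `issued_ip` claim and the split between deny and step-up outcomes are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Signals:
    """Constructed stand-ins for the live signals a policy engine would query."""
    ip: str
    active: bool = True              # identity still exists and is enabled
    risk: str = "low"                # "low", "medium" or "high" from a risk engine
    device_compliant: bool = True    # current device or workload posture
    threat_intel_hit: bool = False   # new intelligence suggesting compromise

def evaluate(claims, token_valid, signals):
    """Return (decision, reasons); decision is 'allow', 'step_up' or 'deny'."""
    if not token_valid:  # a valid token is still necessary, just not sufficient
        return "deny", ["token invalid or expired"]
    deny, step_up = [], []
    if not signals.active:
        deny.append("identity disabled")
    if signals.risk == "high":
        deny.append("identity flagged high risk")
    if signals.threat_intel_hit:
        deny.append("threat intelligence indicates compromise")
    if not signals.device_compliant:
        step_up.append("device posture degraded")
    if signals.ip != claims.get("issued_ip"):
        step_up.append("source IP changed since issuance")
    if deny:
        return "deny", deny + step_up
    return ("step_up", step_up) if step_up else ("allow", [])

def demo():
    """Replay one token across three presentations as the context changes."""
    claims = {"sub": "agent-7", "issued_ip": "198.51.100.10"}  # constructed claims
    presentations = [
        Signals(ip="198.51.100.10"),                  # nothing has changed
        Signals(ip="203.0.113.5"),                    # unexpected IP change
        Signals(ip="203.0.113.5", risk="high"),       # later flagged high risk
    ]
    return [evaluate(claims, True, s)[0] for s in presentations]
```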

Ethics and IAM

IT and security leaders should also consider the ethical ramifications of deploying AI in their organisations.

Mike Gillespie, senior vice-president of Europe at the Centre for Strategic Cyberspace and Internet Studies (CSCIS), points out that AI identity systems can amplify bias, which he says disproportionately impacts vulnerable groups. This means they risk becoming opaque decision engines that erode trust.

As Gillespie notes, regulators are increasingly explicit that fairness, explainability and contestability are not “nice to haves”, but essential design principles embedded throughout the lifecycle of an AI system.

He says the UK is advancing a principles-based, regulator‑led model for AI oversight. This includes the Data (Use and Access) Act 2025, updated guidance from the Information Commissioner’s Office (ICO), and ongoing reforms that significantly shape how AI identity systems must operate.

As Gillespie explains, the Data (Use and Access) Act 2025 expands organisational duties around automated processing, children’s data protection and complaint handling. He says this shows that AI-driven identity checks will face greater scrutiny regarding oversight and safeguards.

With regard to updated ICO guidance, Gillespie says there is renewed emphasis on fairness, transparency and clear legal bases for processing, especially where AI influences decisions with “legal or similarly significant effects”.

Additionally, sector‑specific legislation such as the UK’s Online Safety Act 2025 mandates “highly effective” age and identity verification for high‑risk online services, which Gillespie says reinforces the need for accuracy, privacy‑preserving methods and demonstrable compliance.

“The pattern is unmistakable: organisations must prove responsible use, not merely assert it. That means implementing effective governance and regulatory compliance [GRC] as part of the adoption,” he adds.

The challenge of monitoring the use of AI is that it requires the collection of personal data, as Ellie Hurst, commercial director at Advent IM, explains. “Once AI is involved in deciding who gets access, who is challenged, who is flagged as suspicious, or who is denied entry altogether, that stops being just a technical control and quickly becomes a governance matter,” she says.

“Many of these solutions rely on large volumes of personal data, sometimes including biometrics, behavioural analysis, device data, location information and patterns of use. That means organisations need to be crystal clear on lawful basis, necessity, proportionality, retention and oversight. In other words, they need to know not just that the tool can do something, but that they should be doing it at all. It’s like knowing that an iPhone is a tool, not the conversation,” adds Hurst.

Looking at specific standards that include governance, Gillespie says ISO/IEC 42001, the world’s first AI management system standard, introduces a structured approach for governing AI responsibly, integrating leadership accountability, lifecycle controls, risk assessment and ongoing performance evaluation.

According to Gillespie, ISO/IEC 42001 provides a governance architecture that organisations can use to ensure that AI identity solutions are explainable, monitored, tested and continuously improved.

However, he says: “ISO 42001 does not replace compliance obligations, but it provides the organisational discipline needed to navigate them confidently. Implementing effective GRC requires embedding governance from the outset: adopting ISO 42001’s structured AI management framework, performing DPIAs [data protection impact assessments], enforcing privacy‑ and fairness‑by‑design, maintaining transparency and documentation, and ensuring robust human oversight.”

With regulators increasingly focused on accountability, fairness and privacy, Gillespie recommends that IT security leaders treat deploying AI identity on a foundation of trust, accountability and principled design as no longer optional. “They are essential for safe, lawful and responsible AI identity management,” he says.

Advent IM’s Hurst warns that data gathered to confirm identity can easily become data used to monitor behaviour, profile staff, track habits or support broader surveillance if the guardrails are poor. That is where trust starts to wobble.

“Enterprises need privacy by design, proper impact assessments, transparent notices and disciplined boundaries around how identity data is used. Just because a system can infer more does not mean it should. It’s a potential minefield that should be navigated mindfully and with integrity,” she says.

This is why a full assessment is needed for any organisation planning how it will use AI. Summing up, Gillespie says: “Privacy and ethics are not parallel workstreams; they form the foundation for any legitimate use of AI.”

As AI and agentic AI systems are rolled out across organisations, IT departments are likely to face new challenges beyond managing the technology infrastructure required to run AI inference at scale. IAM is part of a layered approach to cyber security that security leaders need to put in place. 

A traditional human-centric approach to IAM is unlikely to be sufficient to manage the credentials of AI systems. In addition, IT and security leaders also need to put in place a governance framework for AI that balances enterprise security with the data privacy of employees.
