In today’s rapidly evolving technological landscape, artificial intelligence (AI) agents are reshaping the paradigms of enterprise cybersecurity. They transition the conventional tool-based security model into an autonomous operating layer, enabling systems to manage themselves with minimal human intervention. This new dynamic raises unique challenges, especially concerning the emergence of non-human identities within enterprise systems. As these AI agents operate independently, they necessitate strict governance and robust security measures to mitigate associated risks.

Rama Sekhar, a partner at Menlo Ventures, emphasizes the complexities introduced by these agents. Unlike their generative AI counterparts, which rely heavily on human input, AI agents possess memory and autonomy, allowing them to execute tasks independently. This independence comes with defined operational limits or “blast radii,” thereby amplifying potential risks. As businesses increasingly integrate these agents into their workflows, the imperative of visibility and permission control becomes paramount. Without these measures in place, organizations may find themselves navigating the treacherous waters of overprovisioned access and unmanaged shadow AI, both of which can expose valuable data or vulnerable systems to malicious entities.

According to Sekhar, the challenge facing enterprises has shifted. “The problem is no longer finding issues; it’s fixing and prioritizing them,” he notes. This shift highlights a critical need for companies to advance from merely identifying vulnerabilities to adopting automated remediation strategies. In this context, AI not only serves as a threat but also as a valuable ally; agents can be programmed to detect and patch vulnerabilities autonomously, thus enhancing overall security posture.

In an insightful video interview with Information Security Media Group, conducted at the 2026 RSA Conference, Sekhar elaborates on several key areas of concern regarding AI in enterprise security:

• He argues that non-human identities are increasingly emerging as the primary security challenge for enterprises. With the growing sophistication of AI agents, understanding and managing these identities is crucial.
• He emphasizes the necessity for enhanced visibility and governance, underscoring the importance of being aware of where AI agents are operating and what systems they can access. This awareness is crucial for securing agent-driven applications and workflows.
• Lastly, Sekhar advocates for just-in-time access protocols, which can significantly decrease risks associated with overprovisioned agents. These measures ensure that agents have only the permissions they need to function, thereby minimizing the attack surface.

At Menlo Ventures, Sekhar is keenly focused on investing in cybersecurity, AI, and cloud infrastructure. His approach involves collaborating closely with innovators in the field, ensuring that the next generation of cybersecurity technologies is not just reactive but also proactive in combating emerging threats. Prior to his tenure at Menlo Ventures, Sekhar amassed nearly 15 years of experience at Norwest Venture Partners, during which he spearheaded investments in various pioneering companies such as Veza, Harness, Agari, SourceClear, InfluxData, and Dremio.

As enterprises navigate the complexities of this new technological landscape, the insights offered by experts like Rama Sekhar prove invaluable. By adopting a proactive approach towards AI governance and security, businesses can better equip themselves to meet the challenges presented by autonomous agents. This not only enhances organizational resilience but also fosters a safer digital environment amid an ever-evolving threat landscape.