Mountain View is home to the Computer History Museum. This location is no accident, as in 1956, the Shockley Semiconductor Laboratory opened here and manufactured the first silicon devices in what became known as Silicon Valley. Many of the scientists and engineers who worked there later founded companies that helped define the region’s electronics and computing industry. More than 400 firms can trace their roots back to Shockley’s lab.
That made "The Valley of Heart's Delight" a fitting backdrop for the Okta AI Identity Summit. The day centered on a familiar pattern in technology history, where a new capability arrives first, then the control systems struggle to catch up. This time, the capability is agentic AI, meaning software that can reason through a task, connect to tools, and take action on behalf of a person or organization. The control system is identity, which is what every talk and panel focused on.
Here are just a few highlights and learnings from this edition of the Identity Summit.
The Future Needs Identity, Not Just Credentials
In her opening visionary keynote, "You're Already Designing the Future: Identity for the Agents Among Us," Heather Vescent, Cybersecurity Futurist, Author, and Research Analyst, began with a useful reminder from William Gibson: the future is already here, just unevenly distributed. AI agents are already being built, and this is moving faster than the identity systems meant to govern it. Identity was already messy in the online era, when humans accumulated accounts across hundreds of apps. The agentic age makes that mess larger by adding software that can reason, use tools, act on intent, and create consequences on behalf of people and organizations.
Heather mapped the new “inhabitants” of this world with useful precision. Augmented humans use technology to extend their work, like classroom companions that track attendance and participation so teachers can focus on teaching. Digital twins raise harder questions about representation, permission, and responsibility. Digital employees, such as non-human teammates operating inside collaboration tools, blur the line between bot, role, and organizational actor. Autonomous agents go further still, pursuing goals, evaluating outcomes, interacting with systems, and sometimes acting in ways that create real risk. She said we need to think about the outcomes of these systems, and not just the happy path: capability without accountability is not a strategy.
Heather argued for future proofing as a discipline, not a prediction game. Look at what is changing, imagine how identity might work five years from now, then decide what to design differently today. That means evolving authentication and authorization for non-human actors, and building standards for accountability before the edge cases become normal operations. Every era of technology is shaped by decisions that accumulate. This one gives us a rare advantage: we have enough foresight to design better before the agentic enterprise hardens around choices we did not mean to make.
Identity Becomes the Control Plane for Agents
Gareth Davies, Chief Product Officer at Auth0, in his session "Controlling AI agents: The identity model for visibility, access, and action," framed the secure agentic enterprise around a simple premise: agents are already running, and many are running without permission. This is not a potential future; this is right now. He said, "AI security is identity security." If an agent can connect to tools, reach data, and act at machine speed, then the organization needs to know where that agent is, who owns it, what policies apply, what it can connect to, and what actions it can take. Without that baseline, even one unsecured connection can turn into a full-system compromise.
Gareth laid out a pragmatic operating model in his talk. First, organizations need discovery. Shadow agents are hard to govern if no one can see them. Second, they need to understand connections, because the blast radius of a compromised agent is defined by what it can reach. Third, they need real-time governance, because agents do not wait for quarterly reviews before taking action. He pointed to controls like access certifications, telemetry, human-in-the-loop approvals for sensitive actions, and kill switches that can deactivate an agent when something goes wrong. We need to give builders a secure path to production.
He also connected identity to growth, not just risk reduction. The companies that lead the agentic era will be those that embed trusted, action-oriented AI into products without forcing every team to rebuild their identity from scratch. He said a successful future needs to be vendor-neutral, lifecycle-aware, and built for a world where dozens of agents become thousands, then swarms. Traditional security tools were not built for that scale. Identity has to become the control plane.
Rewiring the Work, Not Just Adding AI
In his session "Rewire the Work: How AI Leaders Are Building the Next Competitive Advantage with AWS and Okta," Sai Lolayekar, Principal Business Innovation Advisor at AWS, explained that most AI transformation efforts are not failing because people lack interest in AI. They are failing because teams are applying new tools to old workflows and expecting a different outcome. The competitive advantage comes from second-order change, where organizations rethink how work actually happens. History is full of examples, from electricity reshaping how industry works to digital transformations in the last 30 years, where technology creates possibilities, but value only shows up when companies redesign operating models, roles, decisions, and measures of success.
His framework centered on four pillars that have to move together: environment, experience, enablers, and expertise. Environment is the leadership mindset, funding model, and psychological safety that make change possible. Experience is the deep, tacit knowledge of how work gets done inside a business. Enablers are the tools, data, platforms, and technology that amplify capability. Expertise brings the cross-disciplinary know-how needed to connect strategy, craft, and execution. Sai told us that too many organizations over-index on enablers and call that transformation. Tools matter, but they do not create capability by themselves.
He said inside AWS, they use that framework to find friction, shape the opportunity, work backward from the real pain, design the future, and keep adoption in mind from the start. Rewiring the work also means rewiring trust, including human access and agent access from day one. Think big, start small, and scale where AI can shift behavior into compounding outcomes.
Agents Are Already Here, Governance Must Evolve
Throughout the summit, it was clear that agentic enterprise is no longer theoretical. Speakers described agents already operating inside workflows, products, collaboration tools, and consumer experiences, often without clear ownership or permissioning. That creates a familiar technology pattern: capability arrives first, then the control model has to catch up.
If companies do not intentionally design the identity layer for agents now, they will inherit whatever messy model emerges by default.
Identity Is Moving From Access Control To Action Control
The old identity question was, “Can this person log in?” The new question is, “Can this actor take this action, in this context, with this level of autonomy, right now?”
That is a much bigger design problem. Agents authenticate to connect systems, call APIs, summarize context, trigger workflows, and make decisions across boundaries. That means identity can no longer stop at proving who or what something is. It has to govern what that actor is allowed to do, when it is allowed to do it, what evidence proves of how it acted, and where human approval is required.
Identity is becoming the runtime infrastructure for decision-making, not just a gate at the front door.
The Real Risk With AI Is Inherited Authority
A lot of agent risk comes from the fact that agents inherit power from humans. Systems, tokens, and integrations around these agents all have a person who granted that access. If an agent plugs into the wrong tool with the wrong scope, its blast radius is not defined by the agent’s intelligence. It is defined by the authority it can borrow.
That reframes the security concern. The scary part is that agents are likely over-permissioned, poorly inventoried, loosely connected, and able to operate faster than humans can review. One bad MCP connection, one overly broad token, one unclear delegation path, and the agent becomes a force multiplier for existing identity debt. Agentic AI exposes the permission sprawl organizations already have, then accelerates it.
Enterprises Need A New Accountability Model, Not Just New Controls
The sessions kept circling around unresolved accountability questions: Who owns a digital employee? Who approves an autonomous agent’s actions? What happens when two agents interact and create a bad outcome that no one explicitly requested?
Controls like registries, kill switches, access reviews, and human-in-the-loop approvals are necessary, but they only work if the organization has decided where accountability lives. Is the agent accountable to a human owner, a business process, a policy, a department, a product team, or some combination of all of those? The agentic enterprise needs accountability paths that match how work actually flows, not just how the org chart looks.
Identity Is the Foundation for Agentic Trust
Agentic AI is not waiting for perfect governance, polished standards, or clean org charts. It is already being integrated into workflows, products, and enterprise systems. The work now is to make sure every agent has an owner, every action has a trail, and every permission has a reason. Your author was proud to be part of a panel discussion where we talked through these ideas from a practical angle: "Governing the Autonomous Workforce: Ownership models, continuous access reviews, and audit-ready traceability."
Identity, in all reality, is more than access control. It is the base building block of trust in our operational models. The agentic enterprise will move faster, but speed without attribution and controls is just risk with better tooling. The organizations that get this right will not treat governance as a drag on innovation. They will treat it as the structure that lets autonomy scale safely.
