Agentic AI
,
Artificial Intelligence & Machine Learning
,
Identity & Access Management
Mark McClain on Why Governance Is the Foundation for Managing Non-Human Identities
Credential management wasn’t originally viewed as core to identity security, but the rise of artificial intelligence agents means organizations now need full visibility into credentials, said SailPoint CEO Mark McClain.
See Also: How to Defend Against AI-Powered Identity Fraud
Even highly autonomous agents ultimately operate according to policies established by people, which makes human identity governance the foundation for securing non-human identities, McClain said. Organizations must not only determine what AI agents can access but also demonstrate that those permissions comply with regulatory and organizational policies, and he expects governance to grow (see: AI Agents Create Hybrid Identity Security Challenges).
“This idea that we’re seeing in the market where we’re going to manage agents independent of humans, we think that’s a non-starter,” McClain said. “Whether it’s a directly connected copilot-style agent or even a fairly autonomous group of agents performing a business function, they’re still under the direction of some people in the organization giving that policy and oversight.”
In this video interview with ISMG, McClain also discussed:
- Why traditional governance approaches will not scale in the AI era;
- How AI can automate complex identity deployments and migrations;
- Why identity is the central security control for AI adoption.
McClain has more than 35 years of experience in the tech industry, including two decades in identity management. He has guided SailPoint from its 2005 inception to a successful IPO in 2017. He is recognized for fostering a people-first culture and is the author of “Joy and Success at Work,” advocating for authentic organizational culture.

