Agentic AI
,
Digital Identity
,
The Future of AI & Cybersecurity
Rinki Sethi of Upwind Security on Fixing Identity Gaps in Agentic AI
Agentic artificial intelligence systems create a layered attack surface where no single step appears malicious, yet the chain of actions produces a breach. Rinki Sethi, CISO and CSO of Upwind Security, said securing these workflows demands threat modeling and identity governance baked in at the architecture stage and not bolted on after deployment.
See Also: Privilege Blind Spots: Part 1, Uncover Risk from Siloed Identity Tools
Sethi said the accountability for failure isn’t fixed to one layer. Attacks can originate at the model, the orchestration layer or the identity plane – and each requires distinct controls.
“Agent to agent, agent to human, human to agent: the identities are orchestrated in the right way and you have governance over it. Identity is going to be one of the biggest challenges we’re going to have to solve, whether it’s machines, humans or agents,” she said.
In this video interview with ISMG, Sethi also discussed:
- How perfect visibility still leaves certain AI-driven attack vectors undetectable;
- Why non-malicious insider actions through agents can trigger serious data exposure;
- How red teaming agentic workflows catch risks that step-level policy checks miss.
Sethi has more than two decades of experience leading security programs at major technology companies including Twitter, Rubrik, Bill, IBM, Palo Alto Networks, Intuit and eBay. As chief security officer at Upwind Security, she oversees the company’s global information security and technology functions while helping shape strategy around cloud and AI security.

