Dr. John Pritchard is the Chief Executive Officer at Radiant Logic, responsible for the company’s global product vision.

Somewhere in your enterprise right now, a sales rep is building an AI agent. They are using a low-code platform—Microsoft Copilot Studio, Salesforce Agentforce, ServiceNow—that’s already authorized in your environment. The agent inherits their permissions. It spawns service principals, OAuth grants and API connections to do its work. Three weeks from now, that rep gets recruited to a competitor. HR processes the departure. IT disables the SSO. The access review closes clean—for every system it knows about.

But the agent is still running, the credentials it created are still valid and no tool in your stack can trace those credentials back to a human who no longer works for you.

This is the operating reality of every Fortune-scale environment with which I work, and it is the problem traditional identity controls cannot solve.

What I Mean By 'Agent'

Let’s be precise. When I say agent, I do not mean a chatbot, a Copilot suggestion, or an LLM with a system prompt. I mean an AI-driven process, created inside an enterprise platform, that acts autonomously using real enterprise credentials. It moves data, calls APIs and makes decisions without human-in-the-loop approval. It operates under its creator’s identity and access entitlements, frequently inheriting the full set.

This is qualitatively different from any prior class of identity. Service accounts are static. API keys are scoped. Agents are autonomous, persistent and inherited.

The Inheritance Chain

For two decades, identity controls were designed for one type: humans. We got reasonably good at it. Then non-human identities—service accounts, certificates, workloads—outpaced our governance, and we spent the last several years adapting. Now agentic AI arrives, and it does not just add a third category. It collapses the walls between them.

A human creates an agent.
The agent generates service principals, OAuth grants and API tokens. Those machine identities inherit the human’s permissions. The result is a chain—human to agent to machine identity—that no single tool in the modern security stack can observe end-to-end.

When the human at the head of the chain changes—switches teams, leaves, loses entitlements or gets downgraded for risk—the systems below rarely propagate the change. The agent keeps running, the credentials stay valid and the access persists. This is the inheritance chain, and it is the central architectural problem in identity security today.

The Numbers

CyberArk’s 2025 identity security report finds that machine identities already outnumber human identities by more than 80 to 1 in the typical enterprise, a ratio set before agentic AI took hold. Gartner forecasts that by 2028, 33% of enterprise software applications will include agentic AI, up from less than 1% in 2024, and 15% of routine work decisions will be made by agents acting autonomously.

In a single Fortune-scale environment I worked with this year, the number of live agents went from 1,500 to over 6,000 in a single quarter. Governance coverage sat in the low single digits.

This is no longer an emerging risk. It is operational reality.

Why Traditional Controls Don't Reach It

Agent-creation platforms are optimized for experimentation velocity—ship fast, integrate broadly, lower the bar for non-developers to build automation. Identity governance is optimized for managed lifecycle—provision, monitor, revoke. The two operating models do not meet. Agents fall into the seam between them.

Secrets management helps, but solves only part of the problem. Rotating an API key does not tell you whether the agent using it should still exist, or whether its inherited permissions still match the creator’s current role.
The ungoverned layer is the identity objects themselves: the service principals, role assignments and entitlement grants that persist through credential rotation. Most organizations that say they have started solving non-human identity have actually solved secrets management. That is necessary, but not sufficient.

From Visibility To Observability

The required shift is from visibility to observability.

Visibility tells you that an identity object exists. Observability tells you its internal state, including who created it, what entitlements it inherited, what it has spawned downstream and whether the human at the head of the chain still occupies the role that justified its existence. Most identity programs today operate at the visibility tier. They can inventory, but they cannot interrogate.

No single discipline can answer the inheritance-chain question alone. Endpoint security can tell you an agent is running. Identity governance can tell you who its sponsor is. Platform engineering can tell you what entitlements it carries. Security operations can tell you what it is doing. Each owns a fragment. None of them owns the chain.

The path forward is connecting the programs so the chain reads cleanly from the human source through every service principal, OAuth grant and API integration it produced.

Where To Start

If you run a security program and want one move to make next, try bringing four disciplines into one room: endpoint, identity governance, platform engineering and security operations. Have each of them describe what they actually see today about agent identities in your environment. Then ask the harder question: Which questions cannot be answered by any one of them alone? The gap between those answers is your real exposure.

The next stage of identity security will not be defined by how we manage humans, machines or agents as separate categories.
It will be defined by whether we can govern the chains that bind them.
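
The inheritance-chain question from the observability section, worked through as an added example (not code from the article or from any product): it walks creator links from each service principal, OAuth grant and API token back to the human at the head of the chain and checks that person's current status and role. The record layout, the field names created_by and role_at_creation, and every identifier are assumptions constructed for illustration.

```python
# All records are constructed sample data (added example, not from the article).
HUMANS = {  # HR view: current state of each person
    "u:rep1": {"status": "terminated", "role": "sales"},
    "u:eng7": {"status": "active", "role": "platform"},
    "u:ana3": {"status": "active", "role": "finance"},
}
# Identity inventory: every object records what created it; agents also record
# the creator's role at creation time, which justified the inherited access.
OBJECTS = {
    "agent:quote-bot": {"created_by": "u:rep1", "role_at_creation": "sales"},
    "sp:crm-sync": {"created_by": "agent:quote-bot"},
    "grant:mail-send": {"created_by": "sp:crm-sync"},
    "agent:ledger": {"created_by": "u:ana3", "role_at_creation": "sales"},
    "token:ledger-api": {"created_by": "agent:ledger"},
    "agent:deploy": {"created_by": "u:eng7", "role_at_creation": "platform"},
    "sp:legacy": {"created_by": "agent:deleted"},  # parent no longer in inventory
}

def trace_chain(obj_id):
    """Walk created_by links upward; return (path, root human id or None)."""
    path, seen, current = [obj_id], {obj_id}, obj_id
    while current in OBJECTS:
        parent = OBJECTS[current].get("created_by")
        if parent is None or parent in seen:  # missing link or cycle
            return path, None
        path.append(parent)
        seen.add(parent)
        current = parent
    return path, (current if current in HUMANS else None)

def audit():
    """Classify each non-human identity by the human at the head of its chain."""
    findings = {}
    for obj_id in OBJECTS:
        path, root = trace_chain(obj_id)
        if root is None:
            verdict = "untraceable"  # chain never reaches a known human
        elif HUMANS[root]["status"] != "active":
            verdict = "orphaned"  # creator left; chain below still live
        elif HUMANS[root]["role"] != OBJECTS[path[-2]].get("role_at_creation"):
            verdict = "role_drift"  # creator changed role; access not re-justified
        else:
            verdict = "ok"
        findings[obj_id] = verdict
    return findings

if __name__ == "__main__":
    for obj_id, verdict in audit().items():
        print(f"{verdict:12} {' <- '.join(trace_chain(obj_id)[0])}")
```

The OAuth grant two hops below the departed rep's agent is reported as orphaned even though no record for it names the rep directly, which is the case an access review scoped to the human's own accounts closes clean on.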