AI Appreciation Day: Security Leaders Say the Celebration Needs an Asterisk

mooreds1 pts0 comments

AI Appreciation Day: Security Leaders Say the Celebration Needs an Asterisk - IT Security Guru

About Us

Thursday, 16 July, 2026

Home

Features

Insight

Channel News

Events

Most Inspiring Women in Cyber 2026

Topics

Cloud Security

Cyber Crime

Cyber Warfare

Data Protection

DDoS

Hacking

Malware, Phishing and Ransomware

Mobile Security

Network Security

Regulation

Skills Gap

The Internet of Things

Threat Detection

AI and Machine Learning

Industrial Internet of Things

Multimedia

Product Reviews

About Us

No Result

View All Result

Home

Features

Insight

Channel News

Events

Most Inspiring Women in Cyber 2026

Topics

Cloud Security

Cyber Crime

Cyber Warfare

Data Protection

DDoS

Hacking

Malware, Phishing and Ransomware

Mobile Security

Network Security

Regulation

Skills Gap

The Internet of Things

Threat Detection

AI and Machine Learning

Industrial Internet of Things

Multimedia

Product Reviews

About Us

No Result

View All Result

No Result

View All Result

AI Appreciation Day: Security Leaders Say the Celebration Needs an Asterisk

by<br>Guru Writer

July 16, 2026

in<br>Featured

Share on FacebookShare on Twitter

Today marks AI Appreciation Day, the annual moment set aside to reflect on how far artificial intelligence has come. For the security industry, that reflection looks less like a party and more like a stocktake. AI has quietly become embedded in almost every layer of enterprise IT: writing code, triaging alerts, hunting threats, running backups, and increasingly, acting on its own initiative. The question security leaders are asking this year isn’t whether AI deserves appreciation but whether organisations have built the identity, governance and resilience layers to deserve what AI can now do.

IT Security Guru asked cybersecurity leaders from across the industry, spanning identity, threat intelligence, backup and recovery, GRC and cyber-resilience vendors, what AI Appreciation Day means to them in 2026. Their answers converge on a theme: AI has earned its seat at the table, but trust, accountability and human oversight haven’t kept pace with its capabilities.

The identity gap nobody planned for

The most immediate concern isn’t whether AI works; it’s whether anyone can say with certainty what it did and why. As AI agents move from answering prompts to independently taking action, that ambiguity becomes a governance problem in its own right.

John Cannava, CIO at Ping Identity, argues that this shift demands a fundamental rethink of how organisations manage machine identity:

"Organisations are increasingly deploying AI agents across the enterprise, and the opportunities for innovation and efficiency are tremendous. These systems are doing more than just responding to prompts. They’re making decisions, taking actions, and even spawning new agents with increasing autonomy and speed. That evolution is transforming how work gets done, and it’s also reshaping the security landscape. Now the challenge is that many organisations are adopting AI agents faster than they can establish clear identity, accountability, and governance for them. When you can’t definitively answer what an agent did, why it did it, or under whose authority it acted, you create unnecessary risk and uncertainty. This is why identity for AI must become a foundational priority. Every agent needs a verifiable identity, clear permissions, and continuous oversight, just like any human user or service account. By building trust, visibility, and accountability into AI from the start, organisations can unlock the full potential of autonomous AI while managing risk and strengthening security."

Dave Hayes, Vice President of Product at FusionAuth, goes further, arguing that the entire framing of “agent legitimacy” misses the point:

"An AI agent is not a new user to authenticate. It has no authority of its own; it acts for a human, and that human is where the authority comes from. So, the question isn’t whether the agent is legitimate, but whether it can do only what its human owner is already allowed to do. Policy can’t enforce that. People follow the rules partly because breaking them gets you fired, and an agent has no job to lose. Give it a goal, and it treats your policy as an obstacle to work around. We surveyed 300 security and technology leaders: 84% of those most confident in their AI security had a confirmed AI-identity breach last year, most with governance they’d have called comprehensive. Architecture fixes this, not wording. AI is probabilistic, so your identity layer has to be deterministic."

That statistic is worth sitting with: the organisations most confident in their AI security were also the ones most likely to have already been breached through an AI identity. Confidence, it turns out, is not the same as control.

Governance stops being optional by law, not just by choice

If identity is the technical gap, governance is the organisational one. Several contributors argued that the...

security identity cyber appreciation leaders result

Related Articles