惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

爱范儿
爱范儿
宝玉的分享
宝玉的分享
博客园 - 司徒正美
Microsoft Azure Blog
Microsoft Azure Blog
博客园 - 三生石上(FineUI控件)
IT之家
IT之家
博客园 - Franky
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
酷 壳 – CoolShell
酷 壳 – CoolShell
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Blog — PlanetScale
Blog — PlanetScale
Recent Announcements
Recent Announcements
Stack Overflow Blog
Stack Overflow Blog
T
Threatpost
aimingoo的专栏
aimingoo的专栏
博客园_首页
Know Your Adversary
Know Your Adversary
T
Threat Research - Cisco Blogs
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
P
Proofpoint News Feed
Security Latest
Security Latest
T
Tailwind CSS Blog
The Hacker News
The Hacker News
P
Palo Alto Networks Blog
Latest news
Latest news
G
GRAHAM CLULEY
C
CERT Recently Published Vulnerability Notes
Engineering at Meta
Engineering at Meta
A
Arctic Wolf
D
Darknet – Hacking Tools, Hacker News & Cyber Security
I
InfoQ
Y
Y Combinator Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
博客园 - 叶小钗
雷峰网
雷峰网
MongoDB | Blog
MongoDB | Blog
P
Proofpoint News Feed
S
SegmentFault 最新的问题
C
Cybersecurity and Infrastructure Security Agency CISA
Last Week in AI
Last Week in AI
罗磊的独立博客
博客园 - 聂微东
Simon Willison's Weblog
Simon Willison's Weblog
Scott Helme
Scott Helme
T
Tenable Blog
O
OpenAI News
The Cloudflare Blog
大猫的无限游戏
大猫的无限游戏
L
LINUX DO - 热门话题
美团技术团队

Forbes - Innovation

Why Do Humans Have Fingerprints? Hint: It’s Not What You Think Booking.com Confirms Data Breach, Reservation PIN Codes Changed Why Major News Sites Are Blocking The Internet Archive’s Wayback Machine iPhone Fold Release Date: New Report Details Frustrating Apple News Comet Tracker: How To See Pan-STARRS And Three Planets On Wednesday NYT Mini Crossword Today: Tuesday, April 14 Hints And Answers Today’s NYT Strands Hints, Spangram, Answers: Tuesday, April 14 (It’s A Little Unclear) Today’s Wordle #1760 Hints And Answer For Tuesday, April 14 Most Of The Microplastics In Urban Air Come From Tires Today’s Wordle #1759 Hints And Answer For Monday, April 13 NYT Mini Crossword Today: Monday, April 13 Hints And Answers NYT Pips Today: Hints, Answers And Walkthrough For Monday, April 13 The YC Chief Who Codes 10,000 Lines A Day Has A Simple Secret Samsung Expands One UI 8.5 Beta To More Galaxy Owners Why You Should Stop Using Your iPhone If It’s On This List Chamath Says Firms That Treat AI As A Strategy Hand Rivals Their Edge 3 Unexpected Habits Of Secure Couples, By A Psychologist The First Lamp That Folds Your Clothes Samsung’s Disappointing Price Update For Galaxy Phone Buyers 3 Subtle Signs Someone Is Falling In Love With You, By A Psychologist Do Mantis Shrimp See More Colors Than Humans? A Biologist Explains NYT Connections Answers Explained For Monday, April 13 (#1,037) NYT Connections Hints Today: Monday, April 13 Clues And Answers (#1,037) LEGO Luigi & Mach 8 (72050) Review: 2026’s Best Set Yet? Marc Andreessen Says AI Productivity Will Trigger A Hiring Boom 3D Printing Is The Ultimate Hack To Reduce Household Spending Apple iPhone Fold: Striking Design Revealed In Leaked Photos Apple Smart Glasses: New Leak Reveals A Major Design Twist To Beat Meta Tested: The AI Coming To The Rivian R2 Quordle Hints Today: Monday, April 13 Clues And Answers Companies And H-1B Employees Endure Immigration Waits At Consulates 3 Easy Ways To Turn Anxiety Into Sustained Focus, By A Psychologist Here’s The Most Affordable Humanoid Robot You Can Buy Now UFC 327 Results: 5 Biggest Takeaways From A Wild Night In Miami UFC 327 Results, Bonus Winners, Highlights And Reactions Dana White Announces Huge New Fight For UFC White House Today’s NYT Strands Hints, Spangram, Answers: Sunday, April 12 (Get Ready) Tesla ‘Model 2’ Rises From The Ashes Today’s Wordle #1758 Hints And Answer For Sunday, April 12 NYT Pips Today: Hints, Answers And Walkthrough For Sunday, April 12 Tyson Fury Vs. Arslanbek Mahkmudov Results: Highlights and Reaction NYT Mini Crossword Today: Sunday, April 12 Hints And Answers How Shadow AI Culture Is Destroying Your Business Venture Capital Funds That Market Like Startups Win More Deals Conor Benn Vs. Regis Prograis Results: Highlights and Reaction Samsung’s Disappointing Price Update For Galaxy Phone Buyers Artemis Reached The Moon. The Grid Can Reach The 21st Century A Biologist Explains How Archerfish Shoot Down Prey. Hint: Their Aim Rivals Human Throwing Is It Time For Apple To Forget About The MacBook Air NYT Connections Hints Today: Sunday, April 12 Clues And Answers (#1036) Trump’s 2027 Budget To Reshape U.S. Environmental And Energy Policy CDC Delays Reporting Of COVID-19 Vaccine Benefits—Here’s What To Know Oura Has Designed A Solution To A Big Smart Ring Problem Netflix’s Best New Show Has A Near-Perfect 95% Rotten Tomatoes Score Coachella 2026 Is Being Taken Over By Creator Streams Quordle Hints Today: Sunday, April 12 Clues And Answers This Startup Wants To Use AI To Help Digitize History How To Get The Best Shield In ‘Crimson Desert’ Microsoft Venom Attack Targets C-Suite Executives ‘Maul: Shadow Lord’ Sets Even More Star Wars Rotten Tomatoes Records 3 Ways Happy Couples Argue Differently, By A Psychologist Success For Leapmotor Might Have Negatives For Stellantis New Names Surface As Potential Rogue And Wonder Woman In The MCU And DCU 4 Reasons Artemis Mission Matters Even If You Think It Is Wasteful Fast ‘Crimson Desert’ Patch Adds New Moves, Shield Hiding And One Great Feature Why Do Humans Blush? An Evolutionary Biologist Explains The Signal We Can’t Control Apple iPhone Fold: Striking Design Revealed In Leaked Photos Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update iOS 26.4.1 Release: Crucial iPhone Feature Update Arrives, But No Security Fix Fury vs. Makhmudov Full Card, Ring Walk Times and How to Watch Can’t Stand Liquid Glass? This New Hidden iPhone Setting Is A Game-Changer Test-Driving The 2026 Changan Deepal S05: Italian Style Made In China NSA Warning—Reboot Your Internet Router Now Ways That Human-AI Collaboration Slides People Into ‘AI Brain Fry’ And Cognitive Downturns Stop Using These Networks—Google, NSA And TSA Warn NASA Changes Moon Plan: Landing Now Depends On SpaceX Or Blue Origin Samsung Expands One UI 8.5 Beta To More Galaxy Owners The Evolution Of Programmable Hardware At Xilinx NYT Mini Today: Saturday, April 11 Hints And Answers Today’s NYT Strands Hints, Spangram, Answers: Saturday, April 11 (You’re Putting Me On) Splashdown! NASA’s Artemis II Returns To Earth After Moon Mission Attention Is All You Need. The Human Kind Is Still The One That Counts Today’s Wordle #1757 Hints And Answer For Saturday, April 11 NYT Pips Today: Hints, Answers And Walkthrough For Saturday, April 11 Android Circuit: Galaxy S27 Pro Emerges, Honor 600 Pre-Order Offers, Pixel 11 Display Leaks Apple Loop: iPhone 18 Pro Leak, Urgent iOS Update, MacBook Neo Issues Morgan Stanley Has Mostly Positive Outlook On Tesla Robotaxi, FSD V15 Running Out Of AI Tokens Faster Than Ever? Here’s Why CoreWeave Shares Pop 13% After Anthropic Deal ‘Euphoria’ Season 3’s Rotten Tomatoes Score Crashes, Has Lost Key Player People Don’t Agree On What AI Can Do, But They Don’t Even Use The Same Product ‘Overwhelming’—Google Issues Gemini Update For Gmail Users NYT Connections Hints Today: Saturday, April 11 Clues And Answers (#1035) Quordle Hints Today: Saturday, April 11 Clues And Answers The Costly Dream Of Space-Based AI Infrastructure Can You See The Watcher In This ‘Daredevil: Born Again’ Shot? Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update You Just Watched The Backdoor Pilot For ‘The Pitt: Night Shift’ Are Nicotine Pouches Like Zyn And VELO Safe To Use? A Doctor Answers Human Resources (HR) Is The Key To AI Success Per WalkMe ( SAP)
When 'Who Touched The Data' Is No Longer A Person
Ariel Zamir · 2026-05-11 · via Forbes - Innovation

Ariel Zamir is Co-Founder & CEO of Ray Security.

getty

Ask any security leader what the most fundamental question in data protection is, and the answer is always the same: Who touched the data?

Every audit, incident investigation and compliance review begins there. Access logs exist to answer it. Regulators demand it after a breach. When something goes wrong, boards want to know exactly who accessed sensitive information, when it happened and why.

For decades, the question carried an assumption so obvious it was rarely stated. “Who” meant a person, an employee, contractor or partner with credentials tied to an identifiable individual. Data security programs were built around that assumption.

That assumption is now breaking.

The most consequential shift in data security today is not a new attack technique. It is that the definition of “who” has changed, and many security programs have not yet adapted.​

A New Class Of Actor

Agentic AI refers to autonomous systems capable of retrieving information, making decisions and executing multistep tasks without continuous human direction. Unlike chat-based tools, these systems act. They query databases, access documents, call APIs and move data between systems to complete workflows.

They are already embedded in enterprise environments, supporting research, automating financial processes and coordinating operations. Their activity is often larger in scale, and faster in execution, than that of human users.

Research from Obsidian Security found that AI agents can move significantly more data than humans. In one documented case, a single agent downloaded over 16 million files, while all other users and applications combined accounted for a fraction of that volume. The activity went undetected, not because of negligence, but because existing controls were never designed to observe it.

This gap between what AI agents are doing and what security teams can see is emerging as a central challenge.​

Why 'Who' Was Always Human

Modern data governance is built on human accountability. Individuals can be identified, audited, disciplined or held legally responsible. Frameworks such as GDPR and HIPAA assume that someone is ultimately responsible for how sensitive data is accessed and used.

AI agents do not fit that model. They have no employment contract, no role on an organization chart and no legal standing. When an autonomous system exposes or misuses data, responsibility becomes diffuse, shared across developers, operators and vendors.

That ambiguity creates a structural gap in accountability.​

Where Existing Controls Fall Short

AI agents challenge several core assumptions in current security architectures.

They weaken the link between identity and accountability. Many operate through shared service accounts or API keys, making it difficult to attribute actions to a specific system or trigger.

They expose the limits of permission-based models. Traditional controls answer a binary question: Does this entity have access? They do not account for how much data is accessed. An agent can operate within its permissions while retrieving data at a scale no human would reasonably need.

They also evade behavioral detection. Monitoring tools are tuned to human patterns, such as unusual login times, spikes in activity and deviations from routine. An AI agent executing large-scale data operations at consistent intervals may appear entirely normal.

Individually, these gaps are manageable. Combined, they create a blind spot.​

A Measurable Readiness Gap

Adoption is moving faster than governance. Research from McKinsey & Company shows that enterprises expect the adoption of AI agents to more than double in the coming years, with nearly half anticipating AI embedded across the cybersecurity stack.

At the same time, security models are still catching up. As autonomous systems begin to operate at machine speed, risk is shifting beyond authentication into what happens after access is granted, within multistep workflows executed independently by agents.

This is not a new pattern. Security has repeatedly lagged behind technological adoption. What is different here is the pace. Agentic systems are being deployed across enterprises in months, not years.

Redefining 'Who'

Addressing this shift begins with updating a simple definition. When organizations ask “Who touched the data,” the answer may now include a human, an autonomous system or a chain of systems acting on a human’s behalf.

Security programs that cannot distinguish between these actors are increasingly incomplete.

Three practical changes follow. First, AI agents need to be treated as first-class data actors, subject to governance and audit controls similar to those applied to human users. Second, their identities must be individually attributable, replacing shared accounts with traceable system-level identities. Third, monitoring must extend beyond permissions to actual data usage, including what is accessed, at what scale and whether that aligns with intended behavior.​

A Familiar Pattern, A Deeper Shift

Enterprise security has evolved through definitional changes. Zero trust emerged when organizations recognized that being inside the network no longer implied trust. Cloud security matured when the perimeter stopped aligning with physical infrastructure.

Agentic AI introduces a similar shift, one that operates at a deeper level. It changes not where data lives, but who or what interacts with it.

Until security models reflect that reality, organizations will retain a structural blind spot at the center of their data protection strategies.

The question has not changed.

Who touched the data?

Increasingly, the answer will not be a person.


Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?