The unchecked deployment of artificial intelligence agents is rapidly widening governance gaps that could lead to substantial security threats. According to Dave Lewis, global advisory CISO at 1Password, many organizations have overlooked critical foundational steps in deploying these agents, particularly regarding their access privileges and the consequences of their actions.
During a recent interview at Infosecurity Europe 2026, Lewis stressed that treating non-human identities merely as service accounts rather than as entities with significant access can create severe risks. AI agents operate autonomously, and without strict governance, their actions may unintentionally escalate privileges, resulting in potentially catastrophic outcomes.
Lewis noted that the blast radius of poorly governed AI environments is often underestimated. "If we don't get the fundamentals in place – securing the credentials, securing the access and making sure you have an overarching security governance program in place – the problems are going to compound," he warned. This serves as a wake-up call for organizations looking to integrate AI into their operations; insufficient oversight could lead to a myriad of security issues.
This call for governance arises amid growing concerns over security debt and rising AI deployment costs. Lewis argues that organizations may soon face an inevitable course correction, driven by the need to tackle these escalating issues. He emphasizes that accountability for AI agents' actions ultimately rests with human leadership, not the technology itself, highlighting the necessity of human oversight in automated environments.
With over 30 years of experience in IT security operations and management, Lewis brings extensive knowledge of securing technological infrastructures. His insights are backed by advisory roles at companies like Sightline Security, Byos.io, and Knostic AI, where he advocates for stronger governance frameworks in AI.
As organizations increasingly adopt AI agents, the demand for stable governance structures grows more urgent. The concerns raised by Lewis at Infosecurity Europe 2026 underscore a critical moment in integrating AI into business processes. Without proper governance, the risks associated with AI deployments could escalate beyond manageable levels, stressing the need for organizations to address these foundational issues before scaling their AI initiatives.
The stories that move AI & crypto markets — before the market reacts.
Free. 7am ET. Five stories. 62,400 readers.
