Identity in the age of AI

When Palo Alto Networks announced it was buying CyberArk on Wednesday for $25 billion, it sent a clear signal that in the age of agents, identity is going to play a huge role, enough for Palo Alto to pay a premium to grab a major player in this space.

It was certainly an interesting deal structure. Although CyberArk shares were trading at above $400 when the deal was struck, shareholders were paid just $45 in cash per share. The additional value came from Palo Alto Networks throwing in 2.20 shares of its own stock for every CyberArk share. Even with Palo Alto’s stock dipping after the announcement, the total deal added up to $25 billion, delivering a substantial 26% premium over CyberArk’s recent share price, per Bloomberg.

There is a lot to unpack here, but the key question is why Palo Alto was willing to pay that kind of dough for a company that generated $318 million in revenue last quarter. It really comes down to how important identity is going to be as agents from multiple vendors increasingly collaborate and operate across enterprise systems

Agents need strong identity

As Box CEO Aaron Levie told me in a recent FastForward interview, agents act as AI assistants that can execute tasks, follow instructions and automate workflows. They extend beyond passive information retrieval to active task completion. This level of automation is going to require a flexible identity layer, explaining why Palo Alto was willing to pay such a hefty price for this company. 

CyberArk offers a range of security products with a focus on privileged access management for both machines and humans – but agents are a bit different. In April the company announced a product devoted specifically to agentic identity, which it sees as an extension of machine identity, where non-humans are making decisions and taking actions independently. 

“Due to their autonomous mandate, AI agents are growing to be among the most privileged machine identities that enterprises have ever seen. And securing them with the right level of privileged controls is foundational,” the company wrote in a blog post announcing their agent identity management product.

As agents from different companies proliferate, it will be critical to ensure each agent has a unique identity and is properly authorized to perform the tasks defined in its prompts. As Phil Venables, an investor at Ballistic Ventures and former CISO at Google, noted during an RSA panel in April, the dynamic nature of agents will make identity management a major challenge, and people are still figuring out how this will work.

"Everybody's still figuring out what the permission model is. So you know, an agent will have an identity and have a set of permissions that are granted to it by the person or thing that's driving that agent," he said. "But then, unlike other privileged protocols, that agent is then going to have to have the ability to delegate to another agent, which may still delegate to another agent because these are networks. I think everybody's still figuring this out,” he said.

That creates layers of complexity that could leave agents vulnerable to external attacks that take advantage of weaknesses in the identity architecture.

As we saw last week, 404 Media reported that a hacker was able to inject a poisoned prompt into the GitHub repository for Amazon's coding agent, Amazon Q Developer extension, which could have potentially wiped users’ computers. It turned out that it wasn't someone looking to do damage, only showing what was possible, but it was a cautionary tale of what can happen if agents aren’t secured correctly, one that every company implementing agents should heed.

It’s not just prompt injection attacks either. There is also the potential for privilege escalation, unauthorized access and over-permissioning, among other things. Agents also have the potential to learn and adapt, making identity management an even bigger challenge.

Identity as a core security issue

Concerns like these are why identity has become a primary security issue in the age of agents, says Lee Klarich, chief product officer at Palo Alto Networks. It was a major reason the company was willing to spend so much to acquire an identity-focused company like CyberArk.

“Our core belief is that the future of identity requires a security-first approach, and together, we will extend the robust protection of privileged identity security to all identities—users, machines and the new wave of autonomous AI agents,” Klarich wrote in a post on LinkedIn announcing the deal.

The potential ability of agents to undertake critical tasks on their own, while communicating with other agents and operating in a less static fashion, makes building a strong identity layer of paramount importance. As agents with growing capabilities begin to operate inside companies, they can’t simply leave identity management to chance. 

Nor can they rely on tools that weren’t designed for this type of problem, such as static machine or human identities, what Palo Alto Networks CEO Nikesh Arora called the IAM fallacy, the idea that these old tools will be enough in the new world of agents. 

The question is whether CyberArk, a 25-year old company, is going to offer the best path to solve these problems, even as startups and other identity vendors are tackling the same issues, potentially with fresher perspectives. Regardless, this week's acquisition shows Palo Alto was willing to make a significant bet to find out.
~Ron

Featured photo by Kenny Eliason on Unsplash