Keycard: 2026 is the Year of Agents

Key Takeaways

AI agents are evolving rapidly, moving from copilots to fully autonomous systems by 2026.
New security challenges arise from AI agents, specifically concerning identity, access, and tool-calling dynamics.
Enterprises are expected to adopt AI agents before consumers, driven by workflow optimization and productivity.
Keycard focuses on providing identity, access, and governance solutions for AI agents in production environments.

2025 marked the beginning of true AI agents, with 2026 projected for widespread enterprise implementation.
A real-world security incident involved an AI agent inadvertently sharing data from other companies, exposing identity and access vulnerabilities.
Keycard's Ian Livingstone identifies prompt injection and tool-calling dynamics as primary security concerns for agents.
Deterministic guardrails and access policies are crucial to protect resources from unauthorized agent actions.

AI agents are on a continuum, from basic copilots (level one assistance) to fully autonomous systems delegating tasks.
Advanced agents make underlying decisions, execute multiple tool calls, and automate workflows without direct human oversight.
Agent indeterminacy introduces identity, authorization, and authentication concerns, including tool poisoning attacks manipulating production data.
The core security challenge shifts from data security to a fundamental identity and access issue requiring new approaches for contextual management.

Managing AI agents in multi-tenant environments introduces complexities beyond traditional read/write/delete permissions.
Dynamic, task-based authorization is needed, considering context windows, tool accessibility, and user intent.
Access control models must evolve from static to dynamic and 'hyper-ephemeral' to manage agent permissions effectively.

The trust model is evolving from static permissions to dynamic, runtime-based authorization for agents.
Agents will gain access to specific data for specific tasks, with end-user control and downstream policy enforcement being crucial.
Future control systems may be hybrid, combining deterministic elements with non-deterministic operations, requiring conditional consent for complex tasks.
Enforcement systems will implement adaptive policies with continuous telemetry and clear accountability, similar to autonomous vehicle systems.

Ian Livingstone predicts enterprises will adopt AI agents before consumers, driven by significant internal workflow optimization potential.
Chief Information Security Officers (CISOs) are shifting focus from blocking AI to enabling its safe implementation due to business objectives.
Business leaders recognize AI's productivity gains, similar to coding assistants, fostering strategic discussions on competitive positioning.
Two standards, MCP (tool access) and A to A (scalability), have emerged, but both lack secure agent connection, identification, and control.

Uncontrolled AI agents pose significant risks, including data breaches and ransomware, particularly in multi-tenant environments.
Interactions are shifting from user-to-service to complex agent-to-agent and agent-to-tool ecosystems, requiring agents to access data behind firewalls.
Keycard helps customers deploy AI agents by identifying them, managing user access and permissions, and providing tools for integration.
Keycard emphasizes open standards and interoperability, offering governance, auditability, and control over agent access and actions.