PodChats for FutureCISO: Agent IAM is the next identity crisis
CXOInsights by CXOCIETY
Meta’s recent acquisition of Moltbook, the first social network built exclusively for AI agents, marks a pivotal moment as autonomous agents begin talking to each other across platforms. While this unlocks powerful new capabilities, it also exposes critical identity security challenges.
From impersonation risks to exploding machine identities, organisations must now treat AI agents with the same rigorous verification, visibility, and governance as human users. The question is no longer if agents will interact — but how securely they will do so.
These and more we will cover in this edition of PodChats for FutureCISO with Marco Zhang, solutions engineering director, APJ at Saviynt.
Marco, welcome to PodChats for FutureCISO.
1. What new identity security expectations should enterprises set when their own AI agents begin participating in always-on directories or cross-platform agent socialization?
2. Why will AI agents soon require the same robust identity verification frameworks as human users as they begin autonomously interacting across systems, platforms, and even external agent networks?
3. What does the high-profile impersonation incident on Moltbook reveal about the immediate risks of unsecured machine identities in emerging agent-to-agent ecosystems, and how quickly could similar vulnerabilities scale in enterprise environments?
4. Why do most organisations still lack basic visibility into the machine identities operating across their cloud, SaaS, and AI environments even as agent adoption accelerates — and what are the hidden costs of this blind spot?
5. How could attackers exploit AI agents that possess valid credentials to manipulate automated systems, exfiltrate data, or move laterally through infrastructure without triggering traditional security alerts?
6. As the ratio of machine identities to human identities continues to explode (already exceeding 1:80 in many enterprises), how should CISOs rethink their entire identity fabric to accommodate persistent, autonomous agent sessions?
7. Why is identity governance rapidly becoming the central control layer that will determine how safely AI systems can interact with sensitive data, applications, and other agents?
8. What lessons from Moltbook’s rapid rise and security shortcomings should inform how organisations design least-privilege and just-in-time access policies specifically for agent-to-agent communication?
9. How can AI-powered identity security platforms (like Saviynt) turn the very technology driving agent proliferation — discovery, continuous posture monitoring, and automated governance — into a competitive advantage rather than a liability?
10. Looking ahead to 2027, when projections suggest AI agents may outnumber human users in many organisations, what single identity security investment will separate the leaders from those facing uncontrolled “ghost agent” risk?