Resilient Cyber

Identity as Infrastructure in the Agentic Era

Chris Hughes


In this episode of Resilient Cyber, I sat down with Karl McGuinness — author of Control Plane and one of the sharpest voices working on identity in the agentic era — to unpack what most of the industry is still getting wrong about IAM for AI agents.

Karl's thesis is a provocation: we spent two decades optimizing authentication and authorization, and we built that stack for human-paced execution. Agents remove the presence, pacing, and natural scope-limiting that made those controls work — and no amount of stronger credentials, tighter scopes, or faster JIT provisioning closes the structural gap. The real frontier isn't AuthN or AuthZ. It's delegation: how approved intent becomes bounded authority that stays governed across delegation chains, unfamiliar tools, consent expansion, revocation, and task termination.

Karl and I dig into:

↳ Why the industry optimized for the wrong question, and what changes when agents enter the loop 

↳ The Execution Mandate — agents don't need your passport, they need your authority 

↳ Why governing the stay matters more than governing the entry, and what continuous evaluation of authority looks like in practice 

↳ Mission-Bound OAuth, including Karl's own pessimistic case against it 

↳ AAuth vs. OAuth as the substrate for agentic identity, and what signal will tell us which one wins 

↳ Why Mission Shaping is necessary but not sufficient when quiet expansion, headless execution, and stale state are in play 

↳ Open-world OAuth, MCP, and first-contact trust — what the newer standards solve and the substrate gaps no draft is closing 

↳ ID-JAG and Cross-App Access (XAA): why enterprise SaaS needs to abandon app-by-app OAuth islands 

↳ The widening gap between IETF drafts and the "agentic IAM" being sold at RSA, and the minimum viable posture for teams running agents in production today
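As an added illustration, not code from the episode, from Karl McGuinness's writing, or from any of the standards named above, the following Python sketch shows what "governing the stay" rather than the entry can look like in practice: an approved intent becomes a bounded mandate, delegation down the chain can only narrow that mandate, and every tool call re-walks the whole chain so that revocation, task termination and expiry take effect immediately rather than at the next login. The class and field names, the tool names and the refund scenario are all assumptions made for this example.

```python
from dataclasses import dataclass
from typing import Optional
import itertools


@dataclass(frozen=True)
class Mandate:
    """Bounded authority derived from one approved intent (hypothetical structure)."""
    mandate_id: str
    principal: str                # human whose authority is being exercised
    agent: str                    # the delegate acting under it
    task: str                     # the approved intent, recorded verbatim
    tools: frozenset              # the only tools usable for this task
    expires_at: float             # hard stop independent of the agent's pacing
    parent: Optional["Mandate"]   # previous link in the delegation chain


class AuthorityService:
    """Governs the stay: every invocation re-evaluates the whole chain, not just entry."""

    def __init__(self):
        self._ids = itertools.count(1)
        self.revoked = set()
        self.completed = set()
        self.audit = []

    def issue(self, principal, agent, task, tools, ttl_s, now):
        m = Mandate(f"m{next(self._ids)}", principal, agent, task,
                    frozenset(tools), now + ttl_s, None)
        self.audit.append(("issue", m.mandate_id, agent, task))
        return m

    def delegate(self, parent, sub_agent, tools, now, ttl_s=None):
        """Hand part of a mandate to another agent. Authority can narrow, never widen."""
        tools = frozenset(tools)
        extra = tools - parent.tools
        if extra:  # consent expansion is refused at the point of delegation
            raise PermissionError(f"{sub_agent} asked for tools outside the mandate: {sorted(extra)}")
        ok, why = self.check(parent, None, now)
        if not ok:
            raise PermissionError(f"cannot delegate from a dead mandate: {why}")
        expires = parent.expires_at if ttl_s is None else min(now + ttl_s, parent.expires_at)
        m = Mandate(f"m{next(self._ids)}", parent.principal, sub_agent, parent.task,
                    tools, expires, parent)
        self.audit.append(("delegate", m.mandate_id, sub_agent, parent.mandate_id))
        return m

    def revoke(self, mandate_id):
        self.revoked.add(mandate_id)

    def complete(self, mandate_id):
        """Task termination: the intent is fulfilled, so the authority ends with it."""
        self.completed.add(mandate_id)

    def check(self, m, tool, now):
        """Continuous evaluation: walk to the root; any dead link kills the whole chain."""
        link = m
        while link is not None:
            if link.mandate_id in self.revoked:
                return False, f"{link.mandate_id} revoked"
            if link.mandate_id in self.completed:
                return False, f"{link.mandate_id} task terminated"
            if now >= link.expires_at:
                return False, f"{link.mandate_id} expired"
            if tool is not None and tool not in link.tools:
                return False, f"{tool} not in {link.mandate_id}"
            link = link.parent
        return True, "ok"

    def invoke(self, m, tool, now):
        """The check runs on every tool call, not once when the agent 'logs in'."""
        allowed, why = self.check(m, tool, now)
        self.audit.append(("allow" if allowed else "deny", m.mandate_id, tool, why))
        return allowed, why


def demo():
    """Constructed scenario (sample data): alice approves 'refund order 123'."""
    svc = AuthorityService()
    t0 = 1000.0
    root = svc.issue("alice", "support-agent", "refund order 123",
                     {"orders.read", "refunds.create"}, ttl_s=600, now=t0)
    out = []
    out.append(svc.invoke(root, "refunds.create", t0 + 10)[0])   # inside the mandate
    out.append(svc.invoke(root, "users.delete", t0 + 11)[0])     # never approved
    sub = svc.delegate(root, "lookup-agent", {"orders.read"}, now=t0 + 20)
    out.append(svc.invoke(sub, "orders.read", t0 + 21)[0])       # narrowed, still allowed
    out.append(svc.invoke(sub, "refunds.create", t0 + 22)[0])    # narrowed away
    try:                                                         # consent expansion refused
        svc.delegate(root, "lookup-agent", {"orders.read", "users.delete"}, now=t0 + 23)
        out.append(True)
    except PermissionError:
        out.append(False)
    svc.complete(root.mandate_id)                                # task ends at the root...
    out.append(svc.invoke(sub, "orders.read", t0 + 30)[0])       # ...so the sub-agent stops too
    stale = svc.issue("alice", "support-agent", "refund order 124", {"orders.read"}, ttl_s=60, now=t0)
    out.append(svc.invoke(stale, "orders.read", t0 + 61)[0])     # expired, though the headless agent is still running
    return out
```

Calling `demo()` returns one boolean per step; the only `True` values are the two calls that stay inside the approved, unexpired mandate. The point of the sketch is the shape of `check`: it runs on every invocation and walks every link back to the human's original approval, so a revocation or task completion anywhere upstream stops a sub-agent that still holds a perfectly valid-looking credential. A real deployment would bind the mandate to a signed token and a policy engine; that part is not shown here.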

Whether you're a CISO, an identity architect, or a security leader trying to separate vendor narrative from substrate reality, this is a clear-eyed map of where agentic IAM actually is and where it has to go.

🔗 Karl's writing: https://notes.karlmcguinness.com/ 

🔗 Subscribe to Resilient Cyber on Substack: https://www.resilientcyber.io/  

🔗 Follow Chris on LinkedIn: https://www.linkedin.com/in/resilientcyber/