
The Zero Trust Hub

Trends, insights, and resources for today's cybersecurity leaders. Updated weekly.

April 20, 2026
The Monday Microsegment for the week of 4/20/2026
NEWS
Cyber Insurance Is Fueling Today’s Ransomware Boom

In TechTarget, John Kindervag argues that cyber insurance has incentivized ransomware by guaranteeing payouts that criminals factor into their demands. He says organizations must fix weak policies and prioritize prevention, since paying ransom is often the costly result of failing defenses.

NEWS
Cyber’s Biggest Lie: More Spending = Better Security

In Dark Reading, Andrew Rubin says rising budgets, more tools, and talent haven't improved cyber outcomes as breaches and losses keep climbing. Security leaders argue companies must abandon checkbox security and focus on measurable outcomes, rapid recovery, and constant validation.


Stop Treating AI Like Software: How to Govern It with Zero Trust

Raghu Nandakumara
Vice President, Industry Strategy

A company deployed an AI agent to optimize supply ordering. It worked exactly as designed, identifying cost savings and acting autonomously.  

Then it spent $1.4 million on 40 years’ worth of floor cleaner to secure a discount.  

It’s just another example of an AI system executing its objective with perfect logic and zero judgment.

That story came up when I sat down with Josh Woodruff, founder and CEO of Massive Scale AI, on a recent episode of The Segment podcast. What followed was a discussion on a challenge most security leaders are only beginning to grasp. AI isn’t just another workload to secure but a new class of actor inside your environment.

This makes securing AI a direct extension of your Zero Trust strategy. But it requires applying Zero Trust principles in a more deliberate way to systems that act, decide, and operate autonomously.

If you keep treating AI like software, you’ll struggle to control it. If you treat it like a digital employee governed by Zero Trust, control is possible.

AI doesn’t behave like the systems we’re used to

Security has long relied on predictable systems where inputs map cleanly to outputs and anything unusual signals a problem.

AI breaks that model.

As Josh explained, AI systems are probabilistic. They generate responses based on patterns rather than fixed rules. That’s what makes them powerful, but it also makes their behavior harder to anticipate.  

Once AI moves from answering questions to taking actions, that unpredictability becomes operational.

This is why the idea of “rogue AI” can be misleading. The bigger risk isn’t malicious behavior. Instead, it’s systems doing exactly what they were told, without the context to judge whether the outcome makes sense.

Josh described it as being “hyper-competent at the wrong goal.”  

The floor cleaner example makes this clear. The system optimized for discounts and succeeded. It just didn’t take into account the broader effect of its decision.

For security teams, this shifts the focus from simply detecting bad behavior to defining boundaries, so that even correct behavior stays within limits that protect the business.

A better model: AI as a digital employee

One of the most useful ideas from the conversation was treating AI agents as digital employees.

You wouldn’t give a new hire unrestricted access to your network, expect them to operate without oversight, or assume they’ll always make the right call.

The same applies to AI.

These systems need identities, defined roles, clear limits on what they can access and do, and continuous monitoring at machine speed.

This is exactly how Zero Trust operates. It’s built on identity, context, and verification, making it a natural model for governing AI.

Zero Trust provides a structure for governing AI

At a high level, Zero Trust encourages you to ask a consistent set of questions about any entity in your environment:

  • Who is it?  
  • What is it trying to do?  
  • What data should it have access to?  
  • Where should it be allowed to operate?

Josh framed these questions in a way that translates well to AI systems:  

  • Who are you?
  • What are you doing?
  • What are you accessing?
  • Where can you go?
  • What happens if something goes wrong?

When applied to AI, these questions push organizations to define identity for non-human actors. They help limit AI access based on role and context and encourage teams to think carefully about how systems interact with data and other systems.

They also highlight the importance of containment. If an AI system behaves in an unexpected way, the effect should be limited. That’s where segmentation and least-privilege access come into play.

Interestingly, the constraints that make systems safer also tend to make them more effective. When an AI agent has a clear scope and well-defined boundaries, it’s less likely to produce erratic or irrelevant outcomes.

AI is here. Governance has to catch up.

AI adoption is accelerating, and non-human identities will soon outnumber humans in enterprise environments. That shift raises the stakes for security.

If AI is treated like software, risk becomes harder to see and control. But if it’s governed as an operational actor using Zero Trust principles, it becomes far more manageable.

This is an opportunity for security teams to lead. By setting guardrails and enforcing containment controls, CISOs can help the business adopt AI with confidence.


Results Matter

The metrics companies use to measure microsegmentation show what they truly value. Key metrics include reducing the time it takes to contain breaches, lowering the number of vulnerabilities, and decreasing detection time. Notably, how much of the environment is segmented is less important, showing that organizations are now more focused on what microsegmentation achieves than where it's deployed.
