Saurabh Gugnani, Global Head Of Cybersecurity Engineering, Projects and Architecture, TMF Group
Managing Non-Human Identities
Machine learning models now baseline user and device behavior to detect anomalies such as unusual logins or data transfers. When thresholds are crossed, AI triggers re-authentication or lockdowns, aligning with Zero Trust’s “never trust, always verify” principle. AI also predicts potential attack vectors using threat intelligence and incident history, allowing preemptive action through patching or segmentation. With AI agents entering workflows, organizations are extending IAM systems to include non-human entities. These virtual employees are issued credentials, assigned least-privilege roles, and monitored through detailed audit logs to track behavior and ensure accountability.
SOAR and XDR Capabilities
Security Orchestration, Automation, and Response (SOAR) platforms automate the entire incident-response lifecycle—from detection to remediation—via AI-powered playbooks. Extended Detection and Response (XDR) systems ingest data from diverse sources, correlate threats across layers, and autonomously contain threats, all within Zero Trust frameworks.
Embedding Zero Trust at Scale
In edge and IoT environments, zero-touch provisioning integrates real-time security measures from device onboarding. Devices are automatically registered, segmented, and monitored, reducing manual intervention and response delays. Organizations are embedding Zero Trust through micro-segmentation and least-privilege access. AI dynamically calculates session risk scores and adjusts access policies in real time, limiting exposure if a breach occurs. Continuous verification of every access attempt—based on behavior, device health, or time—ensures adaptive policy enforcement.
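As an added illustration (not from the original article), the sketch below shows a minimal policy decision point that combines the behavior, device-health and time signals described above into a session risk score and maps it to allow, re-authentication (step-up) or lockdown. The weights, thresholds, class and function names, and the service-account baseline are constructed assumptions, not values from any product.

```python
from dataclasses import dataclass
from statistics import mean, pstdev

# Assumed thresholds and weights (constructed); tune against your own telemetry.
STEP_UP_AT, LOCKDOWN_AT = 0.4, 0.75
WEIGHTS = {"behavior": 0.5, "device": 0.3, "time": 0.2}

@dataclass
class Baseline:
    transfer_mb: list[float]   # historical per-session transfer volumes
    usual_hours: range         # hours (UTC) in which the identity is normally active

@dataclass
class AccessAttempt:
    identity: str
    transfer_mb: float
    hour: int
    device_healthy: bool       # e.g. patched, disk encrypted, agent running

def behavior_risk(baseline: Baseline, observed_mb: float) -> float:
    """Map the z-score of this session's transfer volume to 0..1 (saturates at z >= 4)."""
    mu, sigma = mean(baseline.transfer_mb), pstdev(baseline.transfer_mb)
    if sigma == 0:             # perfectly flat baseline: any increase is anomalous
        return 0.0 if observed_mb <= mu else 1.0
    return min(max((observed_mb - mu) / sigma, 0.0) / 4.0, 1.0)

def session_risk(baseline: Baseline, attempt: AccessAttempt) -> float:
    """Weighted sum of the three signals, re-evaluated on every access attempt."""
    signals = {
        "behavior": behavior_risk(baseline, attempt.transfer_mb),
        "device": 0.0 if attempt.device_healthy else 1.0,
        "time": 0.0 if attempt.hour in baseline.usual_hours else 1.0,
    }
    return round(sum(WEIGHTS[k] * v for k, v in signals.items()), 3)

def decide(baseline: Baseline, attempt: AccessAttempt) -> tuple[str, float]:
    """Return (action, score); the pair is what an audit log entry would record."""
    score = session_risk(baseline, attempt)
    if score >= LOCKDOWN_AT:
        return "lockdown", score
    if score >= STEP_UP_AT:
        return "step_up", score
    return "allow", score

# Constructed sample: a non-human identity (service account) with a narrow baseline.
SVC_BASELINE = Baseline(transfer_mb=[10, 12, 11, 9, 13, 10, 11], usual_hours=range(1, 4))

if __name__ == "__main__":
    for a in (AccessAttempt("svc-backup", 11, 2, True),
              AccessAttempt("svc-backup", 500, 2, True),
              AccessAttempt("svc-backup", 500, 2, False)):
        print(a.identity, a.transfer_mb, decide(SVC_BASELINE, a))
```

Because a service account's baseline is usually much narrower than a human user's, the same scoring logic flags deviations for non-human identities sooner.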
Governance & Ethical AI Oversight
AI-enhanced CIAM and PAM systems monitor privileged account behavior, trigger step-up authentication, and rotate credentials to protect sensitive access. This dynamic control improves security posture while reducing insider threats. AI automates compliance by classifying data and applying relevant controls to meet regulations like GDPR and HIPAA. Governance frameworks also audit AI models for bias and enforce privacy protections, especially during automated actions like access denial.
Cross-Functional & Continuous Improvement
Security, IT, and data science teams form “purple” teams to deploy and refine AI, SOAR, and Zero Trust solutions. Continuous model retraining on updated telemetry ensures accuracy, and performance is tracked using governance dashboards. Organizations choose interoperable tools based on open standards to avoid fragmented ecosystems. By integrating AI, Zero Trust, and automation, companies build scalable, context-aware security that spans users, machines, and IoT—boosting resilience and efficiency.