From Shadow AI to Agent Inventory: Building a Risk-Driven Governance Model for Enterprise AI Agents

Get Instant Access to this Content

Learn more about how to secure your business from threats in places you didn't even know existed.

About the session

As enterprises accelerate adoption of agentic AI, security teams are struggling to keep pace with a rapidly expanding and often invisible attack surface. From embedded automation features in enterprise platforms to stand-alone and goal-driven AI agents, organizations face growing risks tied to privilege misuse, unmanaged access, and “shadow AI” proliferation.

In this session, we explore how security and IT leaders can move from reactive discovery to a structured, risk-driven governance model for AI agents. Attendees will learn practical approaches to identifying high-risk AI agents, mapping agent access and privilege, and implementing sustainable oversight mechanisms that reduce exposure while enabling innovation.

Grounded in real-world security principles and aligned with emerging guidance on agentic AI risk management, this webinar will outline how organizations can bring visibility, identity governance, and accountability to AI agents — without slowing down business transformation.

Key Takeaways:

How to identify and inventory embedded, stand-alone, and goal-driven AI agents

Why privilege modeling and identity governance are foundational to securing AI agents

Strategies to reduce shadow AI risk and regain visibility into automated workflows

How intent-based monitoring and analytics can shorten the threat exposure window

Practical steps to operationalize AI agent governance within existing security programs

Meet the Speaker

Derek A. Smith

Founder, National Cybersecurity Education Center

Derek A. Smith is an expert at cybersecurity, cyber forensics, healthcare IT, SCADA security, physical security, investigations, organizational leadership and training. He is currently an IT Supervisor at the Internal Revenue Service. He is also owner of The Intercessors Investigative and Training Group (www.theintercessorgroup.com). Formerly, Derek worked for several IT companies including Computer Sciences Corporation and Booz Allen Hamilton. Derek spent 18 years as a special agent for various government agencies and the military. He is also a cyber security professor at the University of Maryland, University College and Virginia University of Science and Technology and has taught for over 25 years. Derek is retired from the US Army and also served in the US Navy, and Air Force for a total of 24 years. He is completing his Doctorate Degree in Organizational Leadership and has completed an MBA, MS in IT Information Assurance, Masters in IT Project Management, and a BS in Education. Derek has written several books including Cybersense: The Leaders Guide to Protecting Critical Information, and its companion workbook, and he has contributed to several other books as an author and technical adviser.