"Most CIOs today are trying to figure where these agents are to begin with," Shiven Ramji said, framing a familiar problem for organizations moving quickly to adopt artificial intelligence.
Shadow AI agents and the visibility gap
As enterprises rush to deploy artificial intelligence, Ramji — president of the customer identity cloud business at Okta — warned of a largely invisible operational risk: shadow AI agents operating outside traditional IT oversight. He said many organizations lack basic visibility into where these agents exist, what systems they connect to and what actions they're taking. That visibility gap is driven in part by teams independently experimenting with AI to drive productivity gains, often without fully understanding security implications.
Three foundational questions CIOs must answer
Ramji framed modern AI security around three practical questions: Where are my agents? What can they connect to? And what can they do? He presented those questions as a baseline for preventing the kinds of failures that come from over-provisioned access, insecure integrations and uncontrolled automation inside critical systems. According to Ramji, organizations that lack clear answers to those questions invite precisely the risks they are trying to avoid.
Non-deterministic AI demands new governance models
Ramji emphasized that non-deterministic AI systems change the governance problem. In his remarks he argued these systems require new governance models because they do not behave in strictly predictable ways. That non-determinism complicates traditional controls and forces organizations to rethink how they enforce policies around data access, permissions and automated actions.
Identity and centralized control as mitigations
To address the challenge, Ramji pointed to identity and centralized control as enabling elements for secure AI deployment. He described his role at Okta as overseeing product, data and security strategy with a focus on securing digital identities at scale, particularly as AI-driven systems reshape how applications access data and execute tasks. Centralized identity controls, in his view, can help limit what agents can connect to and what they can do, shrinking the attack surface created by ad hoc AI experiments.
What this means for CIOs, security teams, and enterprise developers
- CIOs — Already under pressure to enable innovation while containing risk, CIOs are tasked with first finding and mapping where AI agents operate and then acting on the three foundational questions Ramji outlined: locate agents, enumerate their connections, and constrain their actions.
- Security teams and technologists — With limited visibility into agents and their integrations, these teams must guard against over-provisioned access, insecure integrations and uncontrolled automation that could lead to data exposure or unauthorized actions.
- Enterprise developers and experimenting teams — Teams driving productivity with AI need to recognize the security trade-offs Ramji identified: independent experimentation can accelerate capability adoption but may also create ungoverned pathways for data access and potential exfiltration.
Ramji discussed these points in a podcast interview with ISMG, outlining the rise of shadow AI agents, the visibility gap confronting CIOs, the governance challenges of non-deterministic systems, and how identity and centralized control can enable safer deployments. He previously held product leadership roles at DigitalOcean, Amazon, NBCUniversal, LiveIntent and The Nielsen Company, and now leads Okta’s customer identity business.
The immediate takeaway is practical and specific: before organizations scale agentic AI, they must answer the simple operational questions Ramji posed. Without mapping agents, enumerating their connections, and constraining their capabilities, enterprises risk creating new channels for over-privileged access, insecure integrations and automated actions that slip outside existing controls.




