What happens when machine identities outnumber human ones by a hundred to one?

That’s not a future scenario. It’s already happening. In this episode, I’m joined by David Higgins, Senior Director at CyberArk, for a deep conversation about identity security in an environment increasingly shaped by AI agents, autonomous systems, and blurred digital boundaries.

David brings clarity to the growing risks tied to machine credentials and explains why so many organisations are still struggling with password reuse, unsecured personal devices, and outdated security awareness efforts. We explore the rise of deepfake scams, AI-powered impersonation, and the worrying trend of attackers bypassing savvy users by targeting helpdesks and support channels instead.

What stood out is how David reframes the conversation around human behaviour and responsibility. Rather than blaming users as the weakest link, he argues that identity security needs to be rooted in context, culture, and proactive design. From adaptive authentication to just-in-time access models, there are smarter ways forward that balance security and user experience without turning employees into roadblocks.

And we go even further. We talk about the next phase of risk, where AI agents aren't just tools but semi-autonomous actors capable of learning and adapting. What happens when one of these agents goes off-script? What safeguards are in place if they begin to behave in ways their developers didn’t anticipate?

This episode is not about hype. It’s a practical look at what identity-first security really means in a machine-dominated environment.

So let’s hear it: do you think your business is ready for this shift? Or are we still relying too much on assumptions that no longer hold up?

Let me know what you think after listening.