1Password’s Abe Ankumah explains how businesses can securely adopt AI agents

1P_nick
1Password Team
2 months ago

Artificial intelligence has rapidly become more than just a tool for automating tasks—it’s becoming a decision-maker, a planner, even a digital teammate. Nowhere is this more evident than in the rise of “agentic AI,” a new class of AI that doesn’t just analyze and suggest, but acts. These systems operate with autonomy, pursuing goals, adapting to new information, and in some cases, making choices with little to no human input. The benefits for business are staggering. But so are the risks.

Matt Davey, Chief Experience Officer at 1Password, sat down with Abe Ankumah, Chief Product Officer at 1Password, on the Random but Memorable podcast to explore what this shift means for the future of security. Abe likens onboarding an AI agent to onboarding a new employee—complete with interviews, access controls, and a healthy dose of skepticism. Because when AI has the power to act, trust and oversight aren’t optional—they’re essential.

This conversation isn’t all caution tape and warning signs. Abe also points to a brighter, more powerful horizon: one where AI agents become trusted collaborators, extending our capabilities in ways we’re only beginning to understand. 

Read the interview highlights below or check out the full episode in your podcast player of choice. When you've finished, join the conversation in our episode discussion thread.

Editor’s note: This interview has been lightly edited for clarity and brevity. The views and opinions expressed by the interviewee don’t represent the opinions of 1Password.

Matt Davey: Can you briefly explain what AI agents are? 

Abe Ankumah: Agentic AI ultimately refers to an artificial intelligence system that is designed to operate autonomously. 

Ultimately, that means it's capable of making decisions. It's capable of initiating actions and pursuing goals with a degree of independence. And it has the ability to adapt. 

The concept of an AI software system actually being able to do that—with the ability to be proactive, goal-oriented, plan, reason, and interact in a very dynamic fashion—opens the door for so many possibilities. 

That's what, in so many ways, encapsulates what agentic AI is all about.

MD: What are the security risks for organizations using AI agents?

AA: When it comes to security risks, it's important to understand what the agent can do by design or accidentally. From a security risk standpoint, it's critical to know what the agent actually has access to, and having a sense and understanding of what actions they can take and what the guardrails are around those actions.

Agents need access to data in order to do planning, reasoning, and goal orientation. They need access to take action. That might mean there are security risks that come up in terms of potential data leakage or unintended disclosure of information.

“Agents need access to take action.”

Can the information that the agent gathers be used for social engineering and potentially phishing? We've heard so much about LLMs hallucinating, and agents in so many ways are powered by LLM models under the hood. So what happens when an agent hallucinates and how does it actually manifest in terms of how the agent might actually try to achieve its goal?

Those are some of the security risks. But while I point out these security risks, it’s important to remember that the possibilities of what these agents can do in terms of unlocking capabilities is profound. 

Think about any new technology. For example, when cars were being invented, there were risks associated with them, right? Accidents were a risk of cars being invented. And so while security risks exist with agentic AI, the reality is that we should also be thinking about the benefits they provide. And it's on the cybersecurity industry to actually move this forward by providing the controls and the efficacy around AI agents in order for users and businesses to adopt them in a very responsible fashion.

MD: It all comes down to decision making, really. To stay secure, teams need agents and employees alike to make good decisions.

AA: 100%. Sometimes I like to think of agents as helpers or assistants to humans. Organizations need to think about onboarding agents in the same way they onboard employees. For example, there’s a certain code of conduct that you train your employees about. And there's a certain set of expectations that you have for employees. And when you're employing a human, you interview them and run them through a background check, right?

“Organizations need to think about onboarding agents in the same way they onboard employees.”

A similar concept is useful when you’re thinking about adopting agents within a business. Let’s say you’re thinking about purchasing an agent from a third party. You need to do an evaluation and due diligence. You need to understand its behavior and the types of data it will have access to, how it will use that data, and so on and so forth.

You wouldn't hire someone off the street without interviewing them and doing the requisite background information. Use that same mental model when thinking about AI agents. 

When you're onboarding an employee, you decide what system they should have access to based on the role they're going to be playing inside the company. That same mental model is very applicable as we think about agents within the context of work.

MD: Can businesses apply traditional security frameworks to AI? Or does the industry need new frameworks?

AA: The first thing I'll say is that we are still very much in the early innings of agentic AI. 

But the pace of change with AI is unlike anything I've seen in my career. It's just been so rapid and dynamic. And so while we're still in the early phases, there are some general concepts that businesses can use to prepare for AI. We can all learn from other changes and the birth of other new capabilities, whether it was the internet or SaaS or the proliferation of mobile devices and BYOD devices in businesses. 

From a framework standpoint, it all starts with understanding and visibility. At the end of the day, you cannot manage, you cannot control what you're not aware of or what you can’t see. And the way agentic AI will come into businesses will be multi-fold. Some will come in through sanctioned programs, where the organization, including the cybersecurity team, the IT team, and the line of business, work in tandem to bring in that capability. So agents will come into businesses that way. 

But agents will also come in as shadow IT, just like we’ve seen with SaaS. In a lot of cases, agents will come in and get adopted through line of business without the IT teams even being aware of them.

If you want to be prepared, it starts with being able to actually take stock of your environment. What's happening? You need to have unbridled visibility into your environment. Just like we've had concepts around being able to discover shadow IT, it's going to be important for organizations to be able to discover shadow AI. 

“It's going to be important for organizations to be able to discover shadow AI.”

When agents are adopted in a deterministic fashion, it's going to be important that organizations understand the capabilities of these agents. That includes what they can access, and the guardrails that exist for them.

It’s going to be important for organizations to educate their teams and put in place sensible guardrails. Just saying, “no you cannot adopt agentic AI” frankly isn't going to work. Your employees will work around it. When SaaS was becoming a thing, a lot of companies said, “nope, you're not allowed to use SaaS”. And guess what? They did. They brought in Dropbox. They brought in other SaaS applications because they needed to be productive. Similarly, when organizations were trying to grapple with BYOD, people were bringing in their own devices to do work. Some organizations said, “no, you're not allowed to do that.” Guess what? Employees and users found their way around it. So simply saying no to AI isn't the solution. 

“Simply saying no to AI isn't the solution.”

Sticking your head in the sand and pretending it’s not happening isn't a solution either. It's all about actually being proactive and understanding what's happening. You can do that by having the right discussions with your line of business, putting systems in place to discover the use of shadow AI, and educating your teams about it.

MD: How is 1Password approaching the challenge of securing agentic AI?

AA: I'll describe our work in three big buckets. 

The first is what can we do, and what are we doing, to actually allow our customers and our users to securely and safely adopt AI. One of the unique things about 1Password is that our users trust us. We are a pretty massive credential store of how they interact with the digital world. 

So let’s say I'm an end user and I'm adopting AI and this agent needs access to my credentials. Well, one of the things we're doing is enabling agent builders to, through APIs and SDKs, integrate with 1Password in order to actually allow other 1Password users to safely and securely delegate access to their credentials to these agents.

There are a number of other things that we're rolling out in the coming months and quarters.

The second pillar is using AI capabilities to continue to build more delightful user experiences and capabilities within our products. If you think about what we're doing with 1Password Extended Access Management, you can imagine how that might help us from a password management perspective. You can imagine us doing things from a device trust and access governance perspective as well. So we're using AI as part of our underlying technology foundation as we build and evolve our own products. 

Thirdly, we want to adopt AI in terms of how we work as a team. I describe this as going AI native. As a team, how can we bring AI techniques to bear that frankly make our lives a lot simpler and a lot more effective? I have lots of documents to read. Can I just easily summarize that? Or I want to quickly prototype something. How do I do that in a product development or design fashion?

MD: How will the security risks associated with AI evolve over the next few years?

AA: AI agents ultimately represent identities within those businesses. One plausible security challenge will be managing agentic identities within the construct of a business outcome. AI is going to unleash a lot of benefits but with those benefits will come a need to be vigilant in terms of addressing gaps that bad actors will look to exploit.

It’s a challenge because we will reach a critical mass where companies are embracing and adopting agents within every single vertical. I don't think agents will be the province of only one type of vertical or the province of only very large companies. I think agents, just like other software paradigms, will become fairly pervasive across every business.

Identity and identity abuse will become more common. We're already seeing very early forms of that today, right? 

We've seen the rise of deep fakes. We've seen social engineering which is driving phishing attacks and I think those will only get more and more sophisticated. 

In the geopolitical climate that we’re in today, you can imagine this getting co-opted—if it hasn’t already—from a nation state behavior and compromising different supply chains.

MD: Finally, if you could have AI automate one task in your life, what would it be?

AA: My family and I enjoy traveling. When we get to a destination, we're always trying to figure out what is unique and authentic to do in that location. 

Where's an awesome place to go and eat? How do we juggle a family of four, all of whom have different interests, so we pack in as much as we can in that period of time?

I would love for an agent to have a history of the things that I went, “hmm, this is interesting, I want to do it,” but just haven't found the time to do it. I would love for an agent to be able to plan a trip for me and curate a set of really unique experiences and say, “hey, you know what, you should spend these days in this city because there's a particular festival happening that would make sense for you to go to, and then spend these other days in this other city because there's something else going on there.”

Sorting that whole tedium of planning and correlating calendars for a very active family of four would be awesome.

Updated 2 months ago