The next phase of enterprise AI hinges on a simple tension—how to innovate at speed without sacrificing control.

getty

Artificial intelligence is entering a new phase. The rise of agentic systems — AI models that can act independently across tools, APIs, and data sources — has created both opportunity and unease in the enterprise. These systems promise automation at a scale never seen before, but they also expose organizations to new forms of data risk and identity complexity.

This week, Rubrik introduced Rubrik Agent Cloud, a platform the company says is designed to help enterprises deploy and manage AI agents securely at scale. The announcement reflects a broader shift across the cybersecurity industry: as enterprises experiment with AI agents, many are now confronting how little visibility they have into what these systems access and how they use data.

The Rise Of The Agentic Enterprise

AI agents are moving rapidly from prototypes to production. They’re being embedded in workflows, granted access to internal applications, and making decisions that affect business outcomes. That same autonomy, however, creates what security researchers describe as “shadow agents ”— systems deployed without IT oversight or adequate governance.

Jennifer Glenn, research director for information and data security at IDC, says the growth of AI agents represents a fundamental change in enterprise risk management. “A few years ago, AI was being discussed as just another thing to secure,” she says. “Basically, it still required the same security frameworks, technologies, and approaches as everything else enterprises were currently working on. I think the adoption of AI agents has completely changed the game.”

Glenn points to the explosion of new identities — human, non-human, and device — that AI agents introduce into enterprise ecosystems. “While there are many vendors that say they are managing these identities, all of these approaches are different,” she explains. That inconsistency, she adds, makes it difficult for organizations to maintain a unified view of access control and data exposure.

Extending Zero Trust To AI

Rubrik positions Agent Cloud as part of its broader effort to apply Zero Trust principles to data protection in the AI era. According to the company, the platform is meant to give organizations visibility into how AI agents interact with enterprise data, while enforcing policy-based access controls and compliance monitoring.

The company says Agent Cloud integrates with existing AI ecosystems such as OpenAI, Anthropic, and Azure OpenAI Service. Rubrik’s stated goal is to help customers “govern, observe, and secure” agentic activity across hybrid environments.

“At Rubrik, we believe progress should never come at the cost of control,” Bipul Sinha, CEO of Rubrik, noted in a blog post introducing Agent Cloud.

Analysts note that extending Zero Trust to AI workflows is a logical, if challenging, progression. The same concepts used to authenticate users and devices may now need to apply to autonomous systems capable of self-directed action. Whether traditional frameworks can keep up with the speed and scale of AI interactions remains to be seen.

Data And Identity Foundations

Glenn believes the root of the issue lies in enterprise data hygiene rather than in any specific tool. “Organizations need to fix their foundations of data and identity,” she says. “It’s important to know where your data lives, what type of data you have, who (or what) has access to that data, and whether that data is adequately secured.”

She adds that AI agents are revealing long-standing weaknesses in data management. “AI projects in general are exposing more vulnerabilities and risks to data that were previously either unknown or unprioritized for fixing,” she says. “The introduction of agents exacerbated this problem.”

As companies deploy AI systems that access shared repositories, even minor misconfigurations can have amplified consequences. Glenn cautions that “AI agents, with their own agency, may look for workarounds much like human users who bypass security rules to get work done efficiently.” That behavioral parallel makes continuous monitoring and granular authorization essential, she says.

Trust As The New Metric For AI Velocity

Rubrik’s move into the AI governance space continues a broader industry trend. Vendors that once focused on backup, cloud storage, or ransomware defense are now reframing their capabilities as components of data trust infrastructure for AI. The logic is straightforward: as AI systems increasingly depend on enterprise data, the integrity and provenance of that data become part of the security perimeter.

Every technology shift creates tension between innovation and control. Cloud computing and DevOps moved quickly, often faster than security teams could adapt. The difference with AI is that agentic systems act autonomously — and can make decisions faster than humans can oversee them.

That reality has elevated “trust” as a new measure of AI readiness. Enterprise leaders increasingly view governance not as a constraint but as a prerequisite for scale. Platforms like Rubrik Agent Cloud are part of that conversation, representing an attempt to embed accountability and oversight directly into AI architectures.

For now, the market remains in early stages. What’s clear is that securing AI will require more than patching data pipelines — it demands a holistic approach that unites identity, governance, and trust. Rubrik Agent Cloud offers a platform with the potential to become a model for that evolution.