CyberWire Daily A midseason takeaway. [CISO Perspectives]
Nov 25, 2025
Kim Jones, a seasoned cybersecurity leader and contributor, reflects on pivotal conversations in the season. He discusses the impact of AI agents on identity and the need for innovative approaches to reduce identity fraud. The pair dive into the realities of AI risks, shifting employee expectations, and the evolving nature of scams, including crypto and employment fraud. Kim emphasizes the importance of proactive privacy measures for small businesses and critiques incremental innovations in identity solutions.
AI Snips
Chapters
Transcript
Episode notes
AI Agents As Separate Digital Personas
- AI agents acting on users' behalf create digital personas with broad capabilities that blur identity boundaries.
- Kim Jones warns we may need to treat AI agents as separate identities for accountability and permissions.
Focus On Reasonable Risk Reduction
- Accept that perfect security is impossible and focus on reducing probability and impact of incidents.
- Kim Jones advises practitioners to concentrate on reasonable risk reduction rather than chasing perfection.
The Identity Paradigm Is One-Way
- Identity systems remain largely unidirectional: users prove who they are but systems rarely prove themselves.
- Kim Jones argues we must rethink the identity paradigm to prevent fraud and misrepresentation.