AI Governance in the Age of Agents: How to Manage Risk, Security & Compliance

What does AI governance look like in 2026? Live from RSAC, Delinea’s Frank Vukovits sits down with Guru Sethupathy (GM, AI Governance at Optro) to break down what AI governance looks like now that generative AI is evolving into agentic AI. They discuss why traditional, periodic audits aren’t enough, how to build practical guardrails, and what regulations and real-world business risks mean for security and risk leaders.  Key Takeaways: 1. Agentic AI expands the risk surface area. Agents can read/write in systems of record—making breaches potentially far more damaging than traditional data exposure.  2. Shift from periodic reviews to continuous monitoring. Always-on systems require real-time oversight, detection, and enforcement (not quarterly/biannual check-ins).  3. Start with your governance “posture.” Define where AI is allowed, where it isn’t, and the guardrails and boundaries that apply.   4. Build governance with three pillars: policies (rules/guardrails), processes (workflows, approvals, monitoring, documentation), and people (roles, accountability, human oversight).  5. Plan for AI supply chain risk. Your agents may interact with third-party agents—so partner governance and controls matter.  6. Regulations matter, but business risk is accelerating urgency. Reliability (bias/hallucinations), data security/privacy, and transparency are driving governance programs as much as compliance (EU AI Act, NIST, ISO, etc.).  Want more cybersecurity insights? Discover more: https://delinea.com #aigovernance #agenticai #airisk