Identity security no longer limited to human agents: Palo Alto Networks’ Huzefa Motiwala

Palo Alto Networks (PANW) has announced a $25 billion acquisition of CyberArk, strengthening its position in the fast-growing identity and access management market, which MarketsandMarkets projects will reach $35 billion by 2029.

With enterprises rapidly adopting AI agents, digital assistants, and other automated solutions, the number of potential entry points for attackers is multiplying. This makes identity security one of the most critical layers of defense.

“Identity is no longer limited to just human users. It can belong to an agentic AI bot, an LLM model, or other non-human entities. In this world, where AI agents are increasingly interacting with each other, managing identity, privilege, and monitoring becomes absolutely critical. That’s why integrating CyberArk into our broader detection and response platform is such a natural fit,” Huzefa Motiwala, senior director of technical solutions for India and SAARC region, told TechCircle in an interview.

Industry players are increasingly referring to these autonomous and semi-autonomous agents as digital workers that work alongside human agents to accomplish a given task. PANW’s customers are at different stages of AI model adaptation and deployment. To help them secure these new perimeters, the company is adopting what they refer to as security by design.

“The idea is to embed security at every stage of the AI lifecycle—from development to deployment and beyond—ensuring integrity, compliance, and minimal data exposure throughout,” Motiwala said.

Quoting PANW’s State of Cybersecurity 2024 report, he said that about 58% of Indian respondents claim to be using AI extensively, especially to generate and optimise code. Broadly, organisations are embracing AI in two ways — by building their own AI models and by using SaaS based generative AI tools.

While AI adoption is in full swing, parallelly, there has been a rise in awareness around security.

“We are seeing CISOs and newly formed AI teams taking a very prudent approach, embedding security from the start of their AI journey rather than as an afterthought. These are still early days, but the green shoots are very clear,” Motiwala noted.

To be sure, PANW has been present in India for over a decade, serving top banks, telecom operators, manufacturers, and government agencies. Its India R&D and engineering teams, which comprise 800 staffers, work as part of the company’s global network, developing products alongside counterparts in the U.S. and Israel, while staying connected to local customer needs.

Note for CISOs and CIOs

Today, cybersecurity touches every aspect – information, systems, data, cloud, and SaaS applications. In a bid to protect their perimeter, customers buy solutions point by point, as new needs arise. “Over time, they end up with 30–35 different security tools, each solving a narrow problem but not talking to one another. The burden of stitching all of this together falls on the customer. And in that fragmentation, attacks often go undetected,” Motiwala said.

To combat such complexity, industry and cybersecurity providers are moving towards platformisation.

“We are standardising security into an integrated platform that is both best-of-breed and comprehensive across multiple use cases. By consolidating, customers not only reduce complexity, which is the biggest enemy of security, but also strengthen their defense posture,” he added.

Second, in this era of AI, Motiwala believes it is vital to address both sides of the AI equation. On one hand, AI needs to be infused into security solutions themselves. On the other hand, enterprises must ensure that their own AI journey, whether it is building large language model–based applications or adopting off-the-shelf AI tools, is secure by design. “Both sides are equally important,” he said.

“Lastly, compliance and data governance naturally follow. As organisations accelerate their AI adoption, they must also embed security and compliance into the fabric of those systems, right from the start. So if I had to sum it up: consolidation through platformization, AI-infused security, and securing AI by design are the three priorities I see shaping enterprise security strategies today,” he concluded.