Equity Amazon's Steve Schmidt on why your AI agents are your biggest security risk (Live at HumanX)
May 13, 2026
Steve Schmidt, Amazon Chief Security Officer with a background at the FBI and deep cyber experience, talks about AI changing the threat landscape. He explores why internal AI tools can be riskier than outside attackers. He discusses agent identities, tracing actions back to humans, containment strategies like containers and credential gating, and practical steps startups can take to inventory and protect AI.
AI Snips
Chapters
Transcript
Episode notes
Local Agents Create Single Points Of Exposure
- Agents installed on personal machines can access everything on that device, creating a single point of catastrophic exposure.
- Schmidt uses the OpenClaw example: one rogue agent on a laptop could expose all local data.
Stop Banning AI Start Tracking It
- Don't try to ban AI; instead inventory what AI tooling exists, where it's installed, and what data it can access.
- Schmidt calls this deceptively simple but operationally hard and essential for secure AI use.
Agentic Identity Lets You Trace Actions To People
- Agents need their own identity category distinct from human and machine identities to enable traceability.
- Amazon ties every agent action back to the initiating human for forensics and regulatory explanations.