You Can’t Patch a Mental Model: How Agentic Systems Expose our Hidden Security Assumptions
Track 2 – 4pm
Name: Ben Hanson
Title: Field CTO and Director of Field Engineering @ Zenity
Bio
Ben Hanson is global Field CTO and Director of Field Engineering at Zenity. Operating at the cutting edge of agentic AI, he works with CISOs and security teams at the world’s most sophisticated organisations, helping them transition from static security controls and guardrails to the fundamentally different challenge of governing intent and agency. Ben is also a leading voice on applying systems thinking to cybersecurity and AI, a member of Edinburgh University’s respected Game Theory and Systems Thinking Lab, and an influential keynote speaker with talks at Cambridge University, Oxford University, ISACA, SANS, Cloud Security Alliance, UK Cyber Security Council, and many others. A 25-year industry veteran, before joining Zenity he was Senior Security Strategist & Advisor at Microsoft, where he advised the leaders of the world’s largest Financial Services institutions, including industry giants such as HSBC, Barclays, Santander, Lloyds Banking Group, Bank of England, London Stock Exchange, and NatWest Group. Prior to Microsoft he led the Cyber practice for a top US management consultancy.
Talk Abstract
Agentic security is not hard because it is new. It is hard because it violates the assumptions our security models are built on. We build controls. Agents adapt around them. It’s not that we built the wrong controls; it’s that we built them on the wrong mental models. We keep trying to “secure agents”, but what’s required is to govern agency. These are fundamentally different problems.
Most agentic security conversations fixate on threats, identity failures, over-privileged agents, and inadequate guardrails. But these are symptoms, not causes. From a systems perspective, they are the predictable outcomes of deeper, unexamined assumptions about how control, trust, authority, intent, and risk are believed to work.
This talk exposes eight hidden assumptions embedded in modern security architectures; assumptions that are laid bare in adaptive, goal-driven systems. We’ll discuss a systems-based lens for security leaders and architects to:
• Recognise when your controls are structurally incapable of working,
• Reason about agentic risk using the four dynamics that shape the behaviour of all systems (control, decision-making, flow, feedback), and
• Derive controls that constrain causes, rather than reacting to behaviour.
Intended Audience
Anyone
How NSFW is this talk?
(How spicy is your talk in chillies?)
U – Suitable for All
