Lunch, Golf, and the Agentic Workforce Question I Can’t Stop Thinking About

Illustrated by Jeff Prymowicz

‍

‍

Some of the most important conversations don't start with an agenda. They start over a meal with people you trust.

‍

Last week, I had lunch with a few former colleagues. It was the kind of catch-up you don't schedule often enough, trading updates, comparing notes on what we're seeing in the market, and, of course, collectively acknowledging that our golf games aren't improving anytime soon.

‍

Somewhere between the appetizers and the main course, the conversation took a turn that I haven't been able to shake.

‍

We started talking about AI, specifically agentic AI and the idea of an autonomous workforce. And one of them, someone I respect and who has always been ahead of the curve technically, said something that stopped me cold:

He's already replacing members of his team with autonomous AI agents.

‍

Not experimenting. Not piloting. Replacing.

‍

His reasoning was straightforward: cost, efficiency, scale. And to be clear, it wasn't reckless or uninformed. It was deliberate. Calculated and I suppose rational.

‍

And that's exactly what made it uncomfortable.

‍

Because my instinct has been very different.

‍

In cybersecurity, we're almost always operating understaffed and under-resourced. My view of AI (so far), especially agentic systems, has been as a force multiplier. Something that augments human teams, fills gaps, accelerates response, and reduces toil. Not something that replaces them.

‍

But sitting across the table from someone actively doing the opposite forced a harder question:

Is this actually a choice we get to make? Or is the "augment vs. replace" debate already being decided for us, in boardrooms, budget cycles, and operating models, whether we're ready or not?

‍

‍

The Part We're Not Talking About Enough: Who Secures the Agents?

‍

The other thread that stuck with me wasn't just workforce strategy. It was security.

‍

Agentic systems are fundamentally different from traditional software. They don't just respond. They act. They initiate workflows, use tools, persist over time, and operate with varying degrees of autonomy.

That breaks a lot of our existing assumptions.

‍

Prompt-level safeguards aren't enough when an agent can chain actions together. Static controls don't hold when behavior evolves dynamically. And traditional identity models start to look incomplete when non-human actors become first-class participants in your environment.

‍

So the real question becomes: who is responsible for securing the agents, and how?

‍

There are early signals of where this is heading.

• Palo Alto Networks has been pushing the idea that identity becomes the control plane for agentic systems, requiring stronger authentication, authorization, and auditability than we've historically implemented.
• Amazon Web Services introduced an Agentic AI Security Scoping Matrix, mapping levels of autonomy to corresponding risks and controls.
• And coverage in Forbes points to a broader reality: agentic AI is forcing a fundamental redesign of enterprise security models, adding speed, scale, and autonomy to environments that were never built for it.

‍

Frameworks are emerging. But they're early. And the pace of adoption is outstripping the maturity of the controls.

‍

‍

Where This Leaves Us

‍

I walked away from that lunch with more questions than answers.

• Are we building augmented teams, or quietly transitioning to autonomous ones?
• Where do we draw the line between efficiency and over-optimization?
• What does governance look like when decision-making is partially delegated to machines?
• And what does a secure, hybrid human-AI workforce actually look like in practice?

‍

Right now, there isn't a single, clean answer.

‍

But there is a risk in moving too fast without asking the right questions. Because once operating models shift, and they will, it's much harder to unwind those decisions than it is to make them.

‍

‍

An Open Question

‍

If you're a security leader, I don't think you can sit this one out.

‍

Whether you're intentionally choosing augmentation or not, the broader market may already be moving toward replacement in certain areas.

‍

So the question isn't just what do you believe. It's: what are you actively designing for?

‍

I'm still working through my own answer.

‍

If you're wrestling with this too, I'd love to compare notes.

‍

‍

About the Author

‍

As Chief Information Security Officer at Cloud Security Partners, Rinaldi guides the firm's commitment to empowering organizations facing complex cloud security challenges with confidence and resilience. Central to his role is building and sustaining deep customer trust, ensuring that every security decision, strategy, and recommendation is grounded in integrity, transparency, and measurable business value. He provides executive leadership and strategic direction across customer-facing security initiatives, ensuring alignment with business objectives, regulatory requirements, and industry best practices.

‍

Rinaldi focuses on helping organizations design, operationalize, and mature modern cloud security programs across data protection, threat detection and response, compliance, and secure cloud architecture. By fostering trusted partnerships and leading customers through critical transformation efforts, he enables them to reduce risk, accelerate cloud adoption, and build scalable, sustainable security capabilities that support long-term growth and innovation. Beyond his professional accomplishments, Rinaldi is deeply committed to fostering and advancing the security community. He actively supports and contributes to local security groups, including OWASP NoVA, NoVABeerSec, and SplunkersDC.