CIOs and CISOs facing the new Zero Trust: maintaining control without hindering automation

Articles20 May 2026
Understand how identity management is changing in an environment where AI, agents, and automated processes are playing an increasingly significant role in operations.

The responses make it clear that one of the main changes directly affects identity, one of the classic pillars of Zero Trust.


The model no longer revolves solely around users and devices; agents, automation, APIs and processes capable of making decisions or carrying out actions autonomously are now also at play. In practice, this is shifting the focus from simple access verification to the expected behaviour of each entity. Manuel Asenjo Ayllón, CIO and CISO of Écija Abogados, sums up this change well by noting that “the perimeter is no longer defined only by people; it is also defined by processes.”


In their organisation, the management of non-human identities has become “a real priority,” to the point where each automation is treated “as another critical identity, with a limited scope of action and under constant supervision.”


This is not just a theoretical experience. As he explains, they have already encountered “real cases of processes that have diverged with completely unexpected outcomes,” something that is leading them to strengthen micro-segmentation models and the principle of least privilege, also for automated agents.


Article by Manuel Asenjo, CIO and CISO at ECIJA. Read the full article here.

Un teléfono móvil reposando sobre una superficie amarilla, con una lámpara iluminando el entorno.

LATEST FROM #ECIJA

The scope is no longer defined only by people; it is now also shaped by processes.

Manuel Asenjo | Information Systems Director and Information Security Director