Exploring Agentic AI Tooling & Enterprise Risk
A fireside chat with Shelby Tallent, Head of AI Governance, Risk & Compliance at Alaska Airlines, on the escalating risks of autonomous agents and non-human identities, and how security leaders can stay ahead.

Kaila: Hello, hello. How are we doing, Shelby?
Shelby Tallent: Happy Friday. I am doing great. How about yourself?
Kaila: I am good, thank you. Excited to have everyone here today.
A little overview of what we are going to be talking about: the topic of agentic AI and non-human identity has come up in almost every conversation we have had recently when we talk about user risk. Users are not just humans anymore. We now have what we refer to as agentic AI — non-human identities that have access to our systems, can automate tasks, and can potentially share sensitive information.
From a GRC perspective, we need to think about how we govern these tools to make sure our information is safe and our organizations are not opening up unnecessary exposure, while still remaining innovative and moving forward with the new tools we have access to.
We are very lucky today to have Shelby Tallent with us. Shelby has pioneered the AI GRC function at Alaska Airlines, built out her own policies, and has been generously sharing what she has learned with organizations and nonprofits across the industry.
Shelby, I would love to turn it over to you. Before we get into the topic, can you give us a little background on where you have been, what got you interested in this space, and how you are spreading the word about AI safety now?
Shelby Tallent: Of course. I am so excited to be here, and I am genuinely appreciative of the leadership at Alaska Air Group for prioritizing this work and making this role possible — it was not a position that most people saw even a few years ago.
The reason I got into this space is that I came from the AI development side. I was embedded in data engineering and data science teams and led AI and data strategy for a number of product offerings. I found myself in a few situations where I saw we were prioritizing revenue and shareholder value over consumer protection, and as I watched machine learning and data science start moving into a more agentic AI space, I realized someone needed to be there to help identify those risks and make sure we were protecting our consumers and our brand.
I felt I could bridge that gap, so I made the move. A fun fact about myself: as a kid, I wanted to be the first female Secretary of Defense. My ethos as a human is doing the right thing and protecting others. Even though I did not end up as Secretary of Defense, I feel like I am something like a Secretary of Defense for AI at the company I work for. I want to protect them, protect our customers, and make sure we are approaching AI from a responsible and ethical perspective.
Kaila: I love that, and I think that ethos really shows in how you have developed this role at Alaska Airlines. For a little background for the audience — the reason we are having this conversation is that Shelby and I talk about these things often, and every time we speak I am more impressed by what she is building. Can you talk about what this actually looks like in practice? It is not just adding a new member to the GRC team — it is teaching others, integrating this into business processes, and enabling people with the right tools so they can be successful without causing harm.
Shelby Tallent: Sure. First, let me define what agentic AI actually means for us. Very practically, agentic AI is any system that can take action on behalf of an enterprise — not just generating content. The moment an AI can trigger a workflow, call an API, modify data, or execute changes using delegated access, it becomes an actor in itself, not just an assistant. That distinction really matters, because our governance model at Alaska Air Group is designed around who is allowed to act, under what conditions, and what safeguards are in place. Those same expectations that apply to human operators apply to AI agents as well. We are not treating them differently.
What we have done is draft AI agent security standards where agents are treated as non-human identities with explicit lifecycle ownership, approval, and monitoring requirements tied into our development lifecycle. The biggest thing we always tie back to is safety and integrity. We draw clear lines when risk materially changes, and teams need to know exactly when governance requirements escalate and when there will be higher levels of scrutiny. It is a two-way street — we need explicit guardrails in place, and we need humans to follow those expectations. That is true of anyone working in a GRC space. We write policies and standards, and the question is always how many people follow them.
With agentic AI, I do have a good level of confidence in where we are headed once those guardrails and controls are in place — and that is because it is somewhat different from humans. You can give humans procedures and best practices, but every time they execute a task they bring a different state of mind, a different goal, a different level of urgency. When you give actual policies and workflows to technology, it is much more likely to follow them consistently.
That said, there are use cases where agentic AI circumvents a policy or bypasses access controls, and that comes down to development practices. When you are building an AI solution, especially agent-to-person or agent-to-agent systems, you need to look carefully at what controls exist. There needs to be detailed monitoring and explicit testing of those agents before they ever reach a production environment. You need to be red-teaming them. I would even encourage an internal beta with real users to test how people actually work with an agent before a wider rollout — because with emerging agentic AI technologies, you often will not discover edge cases until you run into one. When that happens, you need to go back and put a new requirement or control in place.
Kaila: That makes sense. Do you find people unknowingly skipping that process — whether it is through a new browser plug-in or a tool they are excited about? On the marketing side, the tools are endless. There is something new every day. You have to step back and ask which data are you actually allowing it to see, whether you are connecting it to other systems, whether the right process is in place. Do you see employees doing things because they want to contribute and they are excited, but inadvertently circumventing the process you are trying to put in place?
Shelby Tallent: We do see this across the industry. It is often called shadow AI — unauthorized AI use. I actually think shadow AI happens when you do not have strong guardrails and you do not have strong AI enablement.
At Alaska Air Group, I work in partnership with our third-party risk team that runs our supplier assurance program, as well as cybersecurity architecture and data privacy, who are all looped into that process. Any time someone wants to work with a new software solution, it goes through vendor assessment and we look at everything. But sometimes people do not go through that process.
So it goes back to education, and we also have to pair that with a cyber operations perspective — for the people who are not going through the right process, how do we monitor for it, how do we catch it, and how do we make sure we are updating our authorized and unauthorized lists and setting clear expectations with those employees? Sometimes it is a knowledge gap. Sometimes they were simply unaware. You always want to start by assuming positive intent, and then if you need to escalate, you do so through the right channels with your business partners.
Kaila: I love that attitude of assuming positive intent. A lot of people doing things outside the approved process right now are doing it because they want to contribute to the organization — they are not doing it to cause harm. But that balance is important: making sure we are doing the right thing while also making sure people are not too scared to come to us if they have questions or are unsure whether they are doing the right thing.
Shelby Tallent: I lure people in with candy. It really works. I am a big Formula One fan and I have a popcorn helmet that I fill with sour punch balls to entice people to come talk to me. I give them a piece of candy, and then when something needs a tough discussion, I lead with candy too. I want to be a friendly, familiar face — not someone who comes in to shut things down. I want to hear people out and understand their perspective.
Kaila: I love that. I want to bring up a more specific topic: least privilege. For a long time, when people thought about least privilege it was about providing humans with the minimum access they need. Now, applying that same logic to agentic AI — do you think the same principles apply?
Shelby Tallent: Everything needs to start with that beta or experimentation process. There is a statistic people quote that 95 percent of AI proof-of-concepts fail, but I actually think the majority of those are really just experimentation or research — not true POCs. There needs to be a separate bucket where people, especially as they are testing new workflows, do that experimentation and research first: is this technically feasible, does it align with this workflow? Then they move into a full proof of concept.
For least privilege specifically, it cannot be static. At Alaska Air Group, we view RBAC — role-based access controls — as defining what an agent is allowed to do, while we also use ABAC — attribute-based access controls — to govern when, where, and under which conditions an agent may act. That combination allows us to enforce separation of duties dynamically and prevents agents from executing high-impact actions unless specific attributes, risk thresholds, or human-in-the-loop conditions are met. We have built those into both our AI agent security standards and our model context protocol security standard.
The biggest principle is no unchecked authority — whether you are talking about a human or an AI. Context matters as much as capability. I encourage everyone to go through that research and experimentation phase, work through the intended use cases for the workflow, and then work through the edge cases — because that is where an AI agent is most likely to go off-path or circumvent something.
Kaila: I love all of that, and it is super actionable. Given that you came from an AI engineering background and have this very technical perspective, what would you say to people who are within the GRC space and find this overwhelming — this is very different from what GRC focused on even a year or two ago. Where do they start?
Shelby Tallent: First, I challenge everyone to understand their own learning style. Are you someone who learns hands-on, by seeing, or by talking things through? Once you understand that, pursue the path that fits. For me, I am a very visual learner, so if I want to understand a new agentic AI technology, I will go to our AI engineers and ask them to walk me through a demo — what tools they used, what type of code, what they thought about when building it. Then I can ask questions from there.
We actually have a weekly AI backlog intake meeting with individuals across all of our AI and engineering teams, data privacy, and myself representing AI GRC. As new use cases come in, we get involved left of design — before there is even a full product requirement document or high-level architecture. We can come in early and say, here are the potential requirements we think are in scope, let us have a follow-up discussion. Most companies do not do that. I have worked at quite a few companies, and usually GRC only gets brought in when something is ready to go to production. That is when you see delays, lack of context, and frustration. If you can get those conversations out of the way early and work through the design together, you have a much smoother path going forward.
Kaila: That culture you have built sounds really powerful. Does it come from the top? Is leadership genuinely engaged in governing this space?
Shelby Tallent: Yes, they are. I ran our AI governance council throughout last year, and this year leadership said they wanted to get closer to it. So we are moving to a federated model with an enterprise AI governance council above my team. At first I was not sure how I felt about that, but the members across that council wanted to make sure I was not the only one accountable for everything from an AI governance, risk, and compliance standpoint — and they are experts across every part of the business, from operations to finance to supply chain management. They bring a viewpoint I simply do not have.
That all ties back to our shared values at Alaska Air Group, which are posted on every wall. We have four: own safety, do the right thing, be caring and kind, and deliver performance. Every employee knows them. And our mission — connecting our guests to the world with a remarkable travel experience rooted in safety, care, and performance — maps directly to what we care about in GRC. We care about safety. We care about the individuals who could be impacted by a cybersecurity incident. We care about the performance of the business and how we show up for our guests. So it is both internally guiding how we work and externally guiding how we show up for everyone.
That alignment is a big reason I have enjoyed working at Alaska Air Group so much. Culture is everything. And even as we acquired Hawaiian Airlines this past year, it meant a lot to me to see that they kept that brand separate and intact — because they cared about preserving that shared culture framework.
Kaila: I love that. For teams that are not seeing that same support from leadership or that same interest in governing this space, what do you think would resonate most with other leadership teams to get them engaged?
Shelby Tallent: It starts with risk. If you can clearly articulate the potential risk of utilizing AI and tie it back to your specific industry's business impacts, that language will speak to leadership. They may not understand your specific technical workflow, but if you can answer: how is this going to impact our business specifically, what happens if things come to a complete stop because of AI, what are the client concerns, how does this affect our people and our customers — and you have those honest, candid conversations — that speaks volumes. Think about what your AI risk framework is going to be and ground it in business impact.
Kaila: Do you see common misconceptions about agentic AI and enterprise risk — things people consistently misunderstand?
Shelby Tallent: Definitely. I am in a unique position where some days I am embedded in our data science and incubator teams seeing what they are actually developing, and other days I am in the room with executives. The biggest disconnect or misconception I see is that model risk equals enterprise risk. With agentic systems, identity and access failures dominate. A content policy will not stop an over-permissioned agent from doing exactly what it was allowed to do, at scale. That is why our agent standards focus heavily on identity governance, monitoring, and kill switches — not just acceptable use language. Controls must be enforceable, not aspirational. Real controls prevent costly rework and incidents.
If people are focused only on model risk and not thinking about enterprise-level business impacts, they are only getting one piece of the picture. You have to tie it back to what this means financially for the organization, because that is going to affect budget, affect people, and affect overall enterprise growth.
Kaila: That is a great point. The impact is very direct here, much more so than what people may have experienced with GRC work in the past.
Shelby Tallent: Our brand is everything to us — everything to our customers — and it is our responsibility to do the right thing, operate safely, and deliver on the performance we promise.
Kaila: I want to shift to future thinking. Limiting it to the next 12 months, what do you see changing in this space?
Shelby Tallent: If anyone watches Love Island — move over, chatbots. The new It girl has entered the villa and it is AI agents. But even 12 months from now, agents themselves are going to shift. Right now, most AI agents are agent-to-person. Most organizations do not yet have true workflows where a group of agents hand off to each other and deliver a final output to a human in the loop. As most organizations work on their technical maturity and ensure the right controls are in place, I think we are going to see full agentic workflows become much more common.
I genuinely think that many individuals who currently have two or three team members doing a set of tasks will instead have three to five agents doing different pieces of that work — and their role will shift to being an agent leader rather than a people leader. Monitoring outputs, moving things forward, overseeing those workflows.
One of the biggest gaps I see right now is that a lot of agent control panels and vendor tools are popping up showing how to manage individual agents, but I am not seeing them show how to manage agent-to-agent workflows. I am only seeing single agent registries showing how that one agent connects to APIs or data flows — not what it looks like when you have three to five agents in a single workflow. People are not prepared for that yet.
Kaila: For people who do not yet have that skill set, how do they start preparing? How do you become a good manager of agents working together?
Shelby Tallent: I want to take a step back first, because it is not just about individual skill sets — there are also limitations based on where your organization is from a technical maturity standpoint. Being able to move quickly is built on having good governance and security best practices already in place.
We are finding that there are a lot of things people were not following where we had policies, or where we did not have all the controls in place — and now with agentic AI, the blast radius of those gaps is much larger. An agent can do more in a shorter amount of time. So you really have to pause, assess your technical maturity, and then layer on the learning and skill-building from there.
I encourage people to go learn vibe coding. Go build your own agents in your free time. One of the best examples I heard recently was from someone on a marketing team who got tired of figuring out what to cook at the end of the day, so they built a personal agent where they take a photo of what is in their fridge and the agent automatically generates two or three recipes with instructions. Their executive functioning was completely used up by end of day — they did not want to think about dinner — and the agent solved that for them. That kind of hands-on personal experimentation is a fantastic way to start building intuition for how these systems work.
Kaila: I love that, and exploring on your own is huge. When we think about AI more broadly, what about teaching our families — especially when it comes to agentic AI? Is there anything employees should go home and talk to their loved ones about?
Shelby Tallent: Definitely talk to them about safe use. Family members and loved ones often create their own accounts with out-of-the-box access to tools like Google Gemini, ChatGPT, or Anthropic — and most people never go into the settings to check whether the information they are putting in is feeding back into the general model, whether their history is being stored, or what controls they actually have as an individual user. That should be priority one.
Think about how many times we go to a website and click accept all cookies, or sign up for an account and accept terms and conditions without reading them. That same lack of attention can create real exposure with AI tools. People should understand what they are agreeing to.
The other thing I worry about and wish people would educate on is over-reliance. Do not just take an output at face value. We have seen potential lawsuits arise because people took the output of a chatbot and used it for medical or legal reasoning without verifying its accuracy. People need to stay accountable for quality-checking, for being the human in the loop.
I tell people all the time: this is your opportunity to show what your superpower is as a human. If you are not great at certain things, build an AI agent to help with those. But the things you are truly excellent at — do not automate those away. Let people see that work and who you are.
There is also a real positive here for accessibility. I am dyslexic, and my grammar has always been a challenge. Having AI look at the structure of how I have drafted policies and documents has been genuinely helpful. And something I appreciate is being able to prompt it to check whether something reads clearly to someone who may be neurodivergent. These are real quality-of-life improvements for a lot of people.
That said, I do challenge myself to remember that not everything I do needs to go through AI. I can use it to gut-check something, check tone or structure, but people want to see my thought process and who I am. If everything starts sounding the same, we truly have become cognitive machines.
Kaila: That leads me to my last question before I open it up to you for any final thoughts. On a positive note — thinking about the next 12 months — what are you most hopeful about? What do you think will be the most innovative or groundbreaking area of agentic AI?
Shelby Tallent: I think it is going to be the accountability piece. In a lot of areas of cybersecurity and GRC, we do not get meaningful investment until something goes wrong or there is a sentinel event. But because the blast radius with agentic AI is so large and the potential risks are so significant, I do think we are going to see a bigger amount of investment in how we govern and handle these risks — and how we deal with things from a compliance perspective.
Once we get to a higher level of technical maturity, we are going to have really robust monitoring and observability. We will be able to identify anomalies and potential issues and mitigate them in real time. And I think this creates a genuine opportunity for GRC to become a higher priority than it has been in the past. Companies tend to invest in product, developer productivity, and revenue generation — but I do think we are going to see a real need to invest in security governance as AI becomes more embedded across the business.
What excites me most is that a lot of the GRC projects that people have always wanted to get funded but could not get support for — people are now coming to them asking for those exact things. AI is a catalyst for investment in the right places.
The challenge is making sure we are prioritizing the right things, because AI is a catalyst across everything. That goes back to doing good experimentation and research before moving into a POC phase, quantifying the results, and only moving to production when you have hit your success criteria. Experimentation and research is about technical feasibility — does this even have the capability to deliver the value I am working toward?
Kaila: And that way you also avoid burning through budget on tools that do not deliver. If you take on a lot of new tools because you are excited and spend heavily but do not see results, that erodes trust and makes it harder to get future investment.
Shelby Tallent: Exactly. There are so many agentic solutions out there right now that it is getting genuinely complex to manage them all. One of the things I am working through over the next six to eighteen months is: as the number of agents scales and this space expands, what do I need to do to support that? That is the challenge I am actively trying to solve.
Kaila: Perfect place to wrap up. Shelby, this has been so valuable — really tangible next steps people can take, which I love. Any final words for our audience?
Shelby Tallent: When it comes to agentic AI, we are all being asked to operationalize trust. You cannot put a price on trust. For Alaska Air Group, agentic AI governance comes back to how we translate our values into enforceable guardrails for autonomous systems. Governance is not about slowing innovation — it is about protecting our people, our guests, and the trust they place in us.
I really challenge everyone to think about how to move forward in a safe way. If you have not already done so, how do you bring people from your GRC or security team into the conversation left of design — before the product requirement documents are written, before the high-level architecture is set, before development has started? Getting someone in early enough to say, have you thought about this from a security or compliance perspective, will streamline everything that comes after.
Kaila: Perfect final words. Shelby, thank you so much. I encourage anyone watching to connect with Shelby on LinkedIn — she posts consistently and keeps the community informed on everything happening in this space. I am so glad we got one of these conversations recorded so we can share it more broadly. Thank you for your time today.
Shelby Tallent: It has been a pleasure. I am so appreciative of this audience. If anyone has questions, feel free to reach out. I will answer them as time allows. I am really excited to see how this role and this field continue to evolve, and how many others help shape what AI GRC looks like for businesses and industries going forward.
Kaila: Thanks, Shelby, and thank you everyone for joining. We will see you soon.
The rise of agentic AI and non-human identities is introducing governance challenges most security and GRC teams were not designed to handle. In celebration of Women's History Month, this fireside chat features Shelby Tallent, Head of AI Governance, Risk and Compliance at Alaska Airlines, in conversation with Dune Security's Director of Growth.
Shelby shares how Alaska Air Group governs autonomous agents as non-human identities, why static access controls are no longer sufficient, how to address shadow AI without creating an adversarial culture, and what multi-agent workflows will demand from security leaders in the next 12 months.
Key Takeaways
- Agentic AI is an actor, not an assistant. Once an AI can trigger workflows, call APIs, or modify data with delegated access, it must be governed as a non-human identity with explicit lifecycle ownership, approval, and monitoring.
- Identity and access failures dominate enterprise risk. The biggest misconception is that model risk equals enterprise risk. A content policy will not stop an over-permissioned agent from doing exactly what it was allowed to do, at scale.
- Least privilege must be dynamic. Combine RBAC (what an agent can do) with ABAC (when, where, and under what conditions it may act) to enforce separation of duties and require human-in-the-loop for high-impact actions.
- Shadow AI is a guardrails problem, not a people problem. Shadow AI emerges when enablement and policy are weak. Pair strong vendor assessment with education and assume positive intent before escalation.
- Prepare for agent-to-agent workflows. Most tooling today manages single agents. The next 12 months will bring chained, multi-agent workflows, and the leaders ready for them will own monitoring, observability, and kill-switch design now.
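
The dynamic least-privilege takeaway above (RBAC for what an agent may do, ABAC for the conditions under which it may act, plus a kill switch), sketched as an added example. It is not from the conversation and is not Alaska Air Group's standard; the role names, action names, risk threshold, and approver list are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# RBAC (constructed catalogue): what each agent role may do at all.
ROLE_PERMISSIONS = {
    "support-triage-agent": {"ticket:read", "ticket:comment"},
    "refund-agent": {"ticket:read", "refund:issue"},
}
# Constructed list of high-impact actions that need a human in the loop.
HIGH_IMPACT = {"refund:issue"}
# Assumed: approver IDs come from an authenticated human identity store.
HUMAN_APPROVERS = {"alice", "bob"}
# Assumed threshold; the risk score itself would come from monitoring.
RISK_THRESHOLD = 0.7
KNOWN_ENVIRONMENTS = {"sandbox", "prod"}


@dataclass(frozen=True)
class AgentIdentity:
    agent_id: str
    role: str
    owner: str            # accountable human (lifecycle ownership)
    enabled: bool = True  # kill switch: False denies everything


@dataclass(frozen=True)
class RequestContext:
    environment: str
    risk_score: float               # 0.0 to 1.0
    initiated_by: str               # who started the task
    approved_by: Optional[str] = None


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


def authorize(agent: AgentIdentity, action: str, ctx: RequestContext) -> Decision:
    """Deny by default; every check must pass before an action is allowed."""
    # Kill switch is checked first so a disabled identity can do nothing.
    if not agent.enabled:
        return Decision(False, "kill_switch")
    # RBAC: unknown roles map to an empty permission set.
    if action not in ROLE_PERMISSIONS.get(agent.role, set()):
        return Decision(False, "rbac_denied")
    # ABAC: environment must be one we recognise.
    if ctx.environment not in KNOWN_ENVIRONMENTS:
        return Decision(False, "unknown_environment")
    # ABAC: risk threshold. Written so NaN or out-of-range scores fail closed.
    if not (0.0 <= ctx.risk_score <= RISK_THRESHOLD):
        return Decision(False, "risk_threshold")
    # ABAC: high-impact actions in production need a human approver who is
    # not the initiator (separation of duties).
    if action in HIGH_IMPACT and ctx.environment == "prod":
        if ctx.approved_by not in HUMAN_APPROVERS:
            return Decision(False, "needs_human_approval")
        if ctx.approved_by == ctx.initiated_by:
            return Decision(False, "separation_of_duties")
    return Decision(True, "allowed")


def demo() -> list:
    """Run constructed requests through the policy and return the reasons."""
    refund = AgentIdentity("agent-042", "refund-agent", owner="carol")
    triage = AgentIdentity("agent-007", "support-triage-agent", owner="carol")
    killed = AgentIdentity("agent-099", "refund-agent", owner="carol", enabled=False)
    cases = [
        (refund, "refund:issue", RequestContext("prod", 0.2, "alice")),
        (refund, "refund:issue", RequestContext("prod", 0.2, "alice", "alice")),
        (refund, "refund:issue", RequestContext("prod", 0.2, "alice", "bob")),
        (refund, "refund:issue", RequestContext("prod", 0.9, "alice", "bob")),
        (triage, "refund:issue", RequestContext("prod", 0.1, "alice", "bob")),
        (killed, "ticket:read", RequestContext("sandbox", 0.0, "alice")),
    ]
    return [authorize(a, act, ctx).reason for a, act, ctx in cases]


if __name__ == "__main__":
    for reason in demo():
        print(reason)
```

The same role yields different outcomes as the context changes, which is the point of layering ABAC on RBAC: the over-permissioned case is stopped by identity and context checks rather than by content policy.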