Every enterprise has an authority stack. Most don’t know it exists until something breaks at the top.
The five layers
Infrastructure — The compute, network, and storage that everything runs on. Mature. Well-understood. Most organizations have this handled.
Identity — Who or what is acting. Users, services, agents. Also mature — the last decade of investment in IAM, SSO, and zero-trust has made identity a solved problem for most enterprises.
Authorization — What the actor is allowed to do. This is where investment starts to thin out. Most organizations have authorization systems, but they are fragmented, inconsistently enforced, and rarely audited.
Guardrails — The constraints placed on action. Rate limits, approval workflows, content filters, behavioral boundaries. For AI systems, this is where most of the current attention is focused — but often in isolation from the authorization layer it should sit on top of.
Governance — Who decided what the rules are, how those decisions are documented, and how accountability is assigned when something goes wrong. Almost universally underinvested.
The pattern
Organizations spend heavily on the bottom two layers. Identity and infrastructure are well-funded, well-tooled, and well-understood.
The top three layers — authorization, guardrails, governance — receive a fraction of that investment, despite being where most real failures occur.
Why AI changes the calculus
AI agents apply pressure to the upper layers in ways that human actors never did.
A human employee operates within social constraints — they know when they are doing something unusual, they hesitate, they ask. An AI agent does not hesitate. It executes within whatever authority it has been granted, at whatever speed the system allows.
Without strong authorization, guardrails, and governance at the top of the stack, the speed and scale of AI agents become a liability rather than an advantage.
Where does your organization’s investment stop in this stack?