Identity-Centric Warfare
By: Capt Ariel Rosario
Posted on March 15, 2026
The decisive terrain of the Department of War
The Vignette: The Ghost in the Approval Chain
A task force staff deployed a workflow agent to reduce friction across planning and sustainment. It lived in a developer’s toolchain, connected through a remote tool server, and could pull data, draft products, open tickets, and route approvals. For weeks, it worked flawlessly until an urgent sustainment action arrived during a high-tempo period.
The agent read the plan, selected a task, and initiated a chain of actions: vendor research, draft language, routing, and packet generation. The packet arrived looking complete, the routing looked normal, and the staff trusted the system’s prior performance. Under pressure, reliable substituted for verified. The agent was not malicious. It was over-permissioned.
Months earlier, broad roles were granted to get the prototype working. They were never removed. Credentials were cached. Privileges were inherited. When the agent encountered a compromised input, it did not need sophistication. It needed only standing access. The resulting actions were technically successful and operationally damaging because no one could answer the continuous accountability question: who authorized this action, on whose behalf, with which privileges, at that moment?
The command paused execution to validate outputs. Intelligence provenance became suspect. Sustainment actions were rolled back, and then the audit questions arrived, simple questions with no defensible answers about ownership, authorization basis, and least-privilege evidence.
The lesson landed: warfighting credibility and financial credibility now rise and fall together, and both depend on identity governance.
Argument
Multi-domain operations depends on decision advantage at machine speed, but machine speed also amplifies the oldest problem in warfare: authority without accountability. Agentic artificial intelligence (AI) introduces a surge of non-human identities, delegated tool calls, and cross-domain connectors that make identity and access the new control plane of operations. Winning in this environment requires treating human and non-human identities as warfighting infrastructure and governing them through an identity-centric approach anchored in Identity, Credential, and Access Management (ICAM), Zero Trust, and continuous auditability.
Supporting Argument 1. The Pattern: Same Attack, New Control Plane
Across technology waves, the exploit pattern stays consistent. Adversaries don’t break in; they log in. What changes is where the “login” occurs and how fast it propagates.
Evidence 1. Agentic AI accelerates non-human identity sprawl: one “agent” becomes many identities across platforms, toolchains, and workflows.
This is not a niche cyber issue; it is an operational risk because permissions become the fuel that turns benign automation into uncontrollable action. The risk is not intelligent agents. The risk is agents with forgotten permissions.
Evidence 2. Agentic AI does not introduce a new class of threat so much as it compresses multiple historic lessons into one operational reality:
• The insider-risk lesson (Snowden as a reference model): Trusted access plus weak governance yields catastrophic data compromise, often with no “break-in.”
• The corruption-and-oversight lesson (Fat Leonard as a reference model): Opaque processes and weak accountability create seams where influence, fraud, and mission distortion thrive.
Agentic systems widen both seams simultaneously because delegated, tool-driven actions can look procedurally valid while bypassing the intent of policy.
Supporting Argument 2. What Changed: Agents Behave Like Non-Deterministic Operators
Agents are AI systems that can autonomously plan and execute complex tasks. Unlike workflows (defined paths), agentic behavior is open-ended and difficult to predict. That unpredictability collides with traditional identity and access management, which was designed for humans, static roles, and session-based tokens.
Evidence 3. In an agentic environment, three things are consistently true:
• The identity surface area explodes. Agents call tools, tools call services, services call APIs—each hop can carry a distinct credential.
• The delegation chain becomes the attack chain. If provenance and authorization basis aren’t captured, accountability collapses.
• Static identity and access management breaks down. Coarse permissions cannot express runtime intent, and audit trails fail to capture the true authorization basis.
This is why governance must shift from point-in-time access to continuous validation: identity behavior over time, contextual access decisions, and enforcement that follows the agent.
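One way to make the delegation chain auditable, shown as an added example (not from the original article or any Department system): each hop carries a time-bound grant, privileges can only narrow along the chain, and every decision emits a record of who authorized the action, on whose behalf, with which privileges, at that moment. The `Grant` type, the `authorize` function, and all identities and action names are hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

@dataclass(frozen=True)
class Grant:
    """Time-bound delegation: `issuer` lets `holder` perform `actions` until `expires`."""
    issuer: str
    holder: str
    actions: frozenset
    expires: datetime

def authorize(chain, action, now):
    """Evaluate a delegation chain (human -> agent -> tool) for one action at one moment."""
    rec = {"action": action, "at": now.isoformat(), "decision": "deny",
           "on_behalf_of": chain[0].issuer if chain else None,
           "actor": chain[-1].holder if chain else None,
           "chain": [f"{g.issuer}->{g.holder}" for g in chain],
           "effective_privileges": [], "reason": ""}
    if not chain:
        rec["reason"] = "no authorization basis"
        return rec
    effective = set(chain[0].actions)
    for i, g in enumerate(chain):
        if i > 0 and g.issuer != chain[i - 1].holder:
            rec["reason"] = f"broken chain at hop {i}"
            return rec
        if now >= g.expires:  # standing access is rejected, not inherited
            rec["reason"] = f"grant {g.issuer}->{g.holder} expired"
            return rec
        effective &= g.actions  # a hop may narrow privileges, never widen them
    rec["effective_privileges"] = sorted(effective)
    if action not in effective:
        rec["reason"] = "action outside delegated privileges"
        return rec
    rec["decision"], rec["reason"] = "allow", "all hops valid"
    return rec

# Constructed sample data: identities, actions and times are illustrative only.
NOW = datetime(2026, 1, 10, 12, 0, tzinfo=timezone.utc)
CHAIN = [
    Grant("planner@staff", "workflow-agent",
          frozenset({"read_plan", "draft_packet", "open_ticket"}), NOW + timedelta(hours=1)),
    Grant("workflow-agent", "tool-server",
          frozenset({"read_plan", "draft_packet", "route_approval"}), NOW + timedelta(hours=1)),
]
# A broad prototype-era role that was never removed.
STALE = Grant("developer@staff", "workflow-agent",
              frozenset({"route_approval", "draft_packet"}), NOW - timedelta(days=90))

if __name__ == "__main__":
    for chain, act in [(CHAIN, "draft_packet"), (CHAIN, "route_approval"), ([STALE], "route_approval")]:
        print(authorize(chain, act, NOW))
```
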
Supporting Argument 3. Identity-Centric Warfare and the Warfighting Functions
Identity-centric warfare is the deliberate use and governance of identity, credentials, and access as operational instruments.
Evidence 4. It maps cleanly to the warfighting functions:
• Command and Control: Identity determines who can see, decide, and direct at speed. If identities are not governed, command and control devolves into “trust me” operations.
• Intelligence: Collection and dissemination depend on assured identity and authoritative sources. Agents that pull, summarize, and route intel must be attributable and constrained.
• Fires: Digital authorities gate kinetic and non-kinetic effects. Uncontrolled delegation becomes uncontrolled fires, especially where target data and authorities traverse tools.
• Movement and Maneuver: Access to navigation, timing, logistics systems, and mission apps depends on trust signals that increasingly must be machine-speed.
• Protection: Zero Trust is protection doctrine for the digital fight: never trust, always verify; least privilege; micro-segmentation; real-time monitoring.
• Sustainment: Identity governs contracting actions, supply workflows, and service access. Sustainment is where speed meets accountability and where fraud exploits seams.
Multi-domain operations require convergence across domains and partners; convergence requires trust at machine speed; identity is how the Joint Force measures and enforces trust.
Supporting Argument 4. ICAM: The Governance Spine for Warfighting and Auditability
Identity, Credential, and Access Management is the set of enterprise capabilities that establish trusted identities (human and non-human), issue and manage credentials, and enforce auditable access decisions across systems.
Evidence 5. In the Agentic Age, ICAM enables:
• Identity proofing and authoritative identity data (people, Services, agents, non-person entities).
• Credential issuance and lifecycle management (including revocation).
• Access management and policy enforcement (least privilege, privileged access control).
• Federation and interoperability across organizations and environments.
• Audit-ready logging and accountability that ties actions to authority.
This is where an “additional element” becomes equal to warfighting: the ability to pass an unmodified audit opinion. Auditability is not administrative overhead; it is institutional legitimacy. If the Department cannot prove who acted, with what authority, for what purpose, it cannot credibly govern itself under stress. In today’s climate of transparency and accountability, that is a strategic liability.

Conclusion
Multi-domain operations demands convergence at speed, but speed without governance is a liability. Agentic AI is forcing a return to fundamentals: authority, accountability, and control. Identity-centric warfare recognizes that identity is now the control plane of modern operations—and ICAM is the governance spine that makes trust enforceable across humans, systems, and agents.
The decisive advantage will not belong solely to the force that automates fastest. It will belong to the force that can prove continuously who is acting, with what authority, for what purpose, and under what constraints. That is how the Department preserves operational trust and earns an unmodified audit opinion in the agentic age.
ABOUT THE AUTHOR
Capt Rosario is a Cyberspace Warfare Officer and is currently serving at Headquarters Marine Corps Deputy Commandant for Information, Information Command, Control, Communications, and Computers–Compliance Chief Information Officer Section as the Technology Integration Officer overseeing Identity, Credentialing, and Access Management across the Marine Corps.



