Architecting the AI-Native Enterprise: Identity as Infrastructure, Technical Debt as Liability, and the Repricing of Enterprise Security
The transition to AI-native enterprise architecture demands a fundamental reconceptualisation of security primitives. This paper argues that identity must be elevated from a supporting service to foundational infrastructure — the control plane through which all AI interactions, both human and machine, are governed. Simultaneously, technical debt can no longer be treated as an operational inconvenience; under regulatory frameworks like DORA and NIS2, it represents material liability that must be quantified, disclosed, and actively managed.
The paper introduces a comprehensive architectural framework that addresses three converging forces: the proliferation of non-human identities driven by AI agents, the accumulation of security-relevant technical debt in legacy systems, and the regulatory-driven repricing of enterprise security from cost centre to balance-sheet item. Case studies from Tier 1 financial institutions illustrate practical implementation of these concepts.
- 01The AI-Native Imperative
- 02Identity as Foundational Infrastructure
- 03Non-Human Identity Explosion
- 04Technical Debt as Material Liability
- 05The Repricing of Enterprise Security
- 06Architectural Patterns for AI-Native Security
- 07Regulatory Implications: DORA, NIS2, AI Act
- 08Implementation Framework and Case Studies