The campus CIO you're meeting this week has had a specific kind of month. Canvas breach aftermath. GLBA MFA deadlines bearing down. Another security position lost to budget cuts. They are triaging, not strategizing. And you're about to walk in with Okta's AI agent governance framework, which went GA on April 30, and talk about the agentic enterprise.
I've been the person in that chair. Let me tell you what they hear.
The framework is sound and the conversation is premature
Okta's positioning asks three clean questions about an organization's agent population: Where are they running? What can they connect to? What can they do? The GA announcement describes a world where agents authenticate with static API keys, hardcoded secrets, and permanent access to production systems, with no central view of what agents exist, who owns them, or what they can do. The framework answers that with Agent Gateway, centralized API access controls, activity logging, and a universal logout mechanism designed as a kill switch.
All of this is correct. It also assumes the buyer has crossed a threshold that most campuses haven't reached. EDUCAUSE's 2025 AI Landscape Study found only 9% of institutions considered their cybersecurity and privacy policies adequate for AI risks. Eighty percent of faculty and staff were using AI tools while fewer than one in four knew a formal institutional policy existed. The buyer is still working on the step before agent governance.
AE action: Acknowledge this gap out loud. The fastest way to lose the room is to pitch a governance framework to someone who doesn't yet have the governance layer it sits on. Open by asking where they are on AI acceptable use policy, not where they are on agent identity. Meet them at their actual maturity level, then build the bridge forward.
Where the "identity is the control plane" thesis lands
Okta's companion positioning signals reinforce a broader argument. The AI Identity Summit series running through July 2026 and the Identity 25 report both advance the thesis that identity is the control plane for the agentic era. Okta Ventures frames 2026 as "when agentic AI stops being a new feature and becomes part of core enterprise infrastructure," with the question being "whether your IT architecture can handle them at scale with security and compliance intact."
A campus CIO who has spent years in the InCommon federation ecosystem already believes identity is the control plane. They've lived it. They built federated trust on that premise. The thesis resonates at the conceptual level in a way it might not with a buyer who came up through network security or endpoint management.
The vocabulary is where it stalls. "Control plane" is enterprise infrastructure language. It sounds like something an AWS solutions architect says. The campus buyer thinks in terms of governance, accountability, and institutional risk. The thesis makes sense to them, and it dies the moment they try to carry it into the committee room where the provost needs to hear why this matters. Ric Smith's framing is true and also sounds like a vendor keynote:
"AI agents are evolving faster than any software before them, making traditional security models obsolete." — Ric Smith, Okta newsroom
That doesn't survive the first question from the CFO about what this costs and what it replaces.
AE action: Translate the control plane thesis into governance language before the meeting. Identity governance for agents means the same thing it means for humans: who authorized this entity, what can it access, and who answers when something goes wrong. The CIO already has that framework for people. Help them see that the agent surface is the same question without an answer yet.
The bridge is already in the buyer's environment
The buyer knows, viscerally, after the Canvas breach: their environment is full of third-party integrations nobody approved, authenticated by credentials nobody rotates, connecting to student data through API surfaces that never went through vendor risk review. That is the present-tense version of the problem Okta's framework addresses at the agent layer. (The right-hand piece in this issue traces the same governance gap from the community research side.)
When the GA announcement notes that most agents authenticate with static API keys and permanent access to production systems, the campus CIO hears a description of how their LTI integrations work right now. An ungoverned LTI connection and an ungoverned AI agent are the same category of problem, differing in velocity and autonomy.
AE action: Before you mention agents, ask the buyer what their current process is for inventorying and rotating API credentials across their LMS, SIS, and CRM integrations. If the answer involves a spreadsheet or a long pause, you've found your opening. Name it: that ungoverned integration surface is the same governance problem, and agents will make it larger and faster.
Three objections and what's underneath them
"We're not deploying AI agents." They are. Faculty are connecting AI tools to institutional data. Departments are spinning up chatbots against enrollment systems. Internet2's AI readiness survey found 44% of non-IT staff were unaware of AI partnerships at their own universities. Shadow AI is shadow agents with a friendlier name. The buyer has a visibility problem, and it's growing faster than their vocabulary for it.
AE action: Ask: "Do you have visibility into every AI tool connected to your student information system in the last six months?" Don't argue definitions. Let the pause do the work.
"This isn't in my budget cycle." Of course it isn't. There's no line item for agent governance because the institution hasn't formally recognized agent governance as a category. The budget objection is real. It doubles as a proxy for a governance maturity gap the buyer can't solve alone.
AE action: Position the conversation as extending their existing identity investment. If they're already an Okta customer: you're governing human identities through this platform. The agent surface is the next ungoverned population. Frame the cost of inaction in terms of the breach they just watched happen to someone else's LMS.
"My leadership doesn't understand this space." This is the objection the buyer won't say out loud. They know that any governance framework requiring cross-institutional buy-in will die in the committee where the Deputy Provost controls the budget and doesn't want her departments' AI usage visible to central IT. They'll say timing. Underneath, the CIO lacks the political capital to force an AI governance conversation when enrollment is down and the board wants to talk about retention.
AE action: Arm your champion with the board-level narrative. Give the board the question they can act on: "Do we know what's connected to our student data systems, and can we shut it down when it's compromised?" That's a question a provost can hear.
The honest gap
Okta's education page doesn't mention AI agents. The GA launch partners are enterprise technology firms: Boomi and DataRobot. No higher education customer story exists for this product. The AI Identity Summit series is aimed at enterprise buyers.
Don't pretend it has. Lead with the governance problem the buyer already owns, connect it to the agent surface they're accumulating whether they know it or not, and be the person who helps them get ahead of it before it becomes their breach headline. The product will follow the relationship.