Jonathan Jaffe. Chief Information Security Officer at Lemonade, the insurance technology company. Jaffe has worked across enterprise security for over two decades and now leads security for a company where AI agents handle claims, customer interactions, and underwriting. He has spoken publicly on how the shift to agentic AI forces a rethinking of security governance: human approval gates cannot scale to the rate of agent-to-agent interactions, and the industry must move toward automated identity and policy systems where each agent carries its own auditable credential.
Operating themes
- Agent identity and authorization at scale. Every AI agent in a production system needs a unique, auditable identity; human-gated approval cannot scale to thousands of agent interactions.
- Automation as the only viable security posture. At the volume of activity agentic systems produce, automated policy at the point of action is not optional.
- AI as an equalizer for defenders and attackers. AI provides equal capability multipliers to both sides; defenders gain speed on code review, pen testing, and patching cycles.