Zero Trust principles Verify explicitly Diligently verify all identities accessing AI applications, and assess every application used, deployed, and developed to ensure security integrity. By defining and monitoring both intended and unintended activities, organizations can maintain a strong defense against unauthorized access. Use least privilege access Limit AI systems to only access data necessary for intended uses by authorized users and ensure that AI agents operate with the minimum privilege to perform intended tasks—typically with just-in-time and just-enough-access (JIT/JEA) and risk-based policies like adaptive access control. Assume Breach Breaches are inevitable, so this principle focuses on minimizing their impact. To proactively design effective controls to reduce risks, operate under the assumption that each AI prompt could have malicious intent, responses might inadvertently leak data, and that AI components may possess vulnerabilities.