A new report found 74% of organizations AI will lead to more attacks on identity infrastructure. Yet, many organizations are handing AI the keys to sensitive systems before securing guardrails around those identities. 

93% already use or plan to use AI agents for password resets, VPN access or other sensitive security tasks. 92% report is installed on some local machines at least, possessing the ability to access to SSH and encryption keys. However, in the event that AI exposes admin credentials, only 32% globally are very confident in their ability to regain control. 

AI identities are wholly registered, authenticated and authorized in a formal system among only 65% of organizations surveyed. Concerningly, 6% admit to not tracking the identities at all. 

Below, security leaders discuss the implications of these findings, discuss key takeaways, and share advice to mitigate risks. 

Security Leaders Weigh In

Shane Barney, Chief Information Security Officer at Keeper Security: 

Security teams can no longer view identity as a human-only challenge. Today, service accounts, API keys, machine credentials, automation scripts, AI agents and other Non-Human Identities (NHIs) often outnumber human users by dozens or even hundreds to one. As organizations embrace cloud infrastructure, DevOps pipelines, AI and automation, NHIs have become foundational to business operations — and a rapidly expanding attack surface.

The mindset shift is moving from perimeter-centric security to identity-centric security. Every identity, whether human or non-human, should be continuously authenticated, authorized and monitored under a zero-trust model. The assumption that machine identities are inherently safe because they operate in the background is exactly what attackers are counting on. Every credential, token, secret and certificate should be treated as a privileged asset that requires visibility, governance and lifecycle management.

This evolution mirrors what we've seen with privileged access management. Security leaders must assume breach, eliminate implicit trust and apply the same rigor to NHIs that they already apply to human administrators. As AI adoption accelerates, this becomes even more important because every AI agent introduces a new identity, a new access pathway and a new compliance obligation.

Fully autonomous NHI management, without human oversight, is not the goal and shouldn’t be. The aim is automated governance — systematic, consistent and policy-enforced — with humans retained in the oversight role.  Organizations should establish systems that automatically discover new machine identities, classify risk, enforce policies, rotate credentials and alert security teams to unusual behavior. Automation reduces operational burden while ensuring consistency.

Successful programs start with strong identity governance. Every NHI should have a designated owner, defined purpose and documented lifecycle. Policies should dictate how identities get created, approved, monitored and decommissioned.

As AI agents become more common, organizations should also treat them as privileged identities. That means clearly defined operational boundaries, least-privilege access, continuous monitoring and a complete audit log of everything they touch. Autonomous systems work best when paired with human oversight and strong governance frameworks.

James Maude, Field CTO at BeyondTrust:

The C-Suite, CISOs, and CSOs need to look beyond siloed views of obviously privileged identities and take a holistic view of the combinations of privileges, entitlements and roles that could be exploited by an attacker to elevation privilege, move laterally and inflict damage. The identity security debt accumulated by many organizations represents a far great risk than any other area as it only takes the attacker to login using the right identity and all is lost because of the paths to privilege that abound in their environment. Understanding and reducing your identity attack surface should be at to forefront of every organization thinking when it comes to cyber defense moving forward.

Elad Luz, Head of Research at Oasis Security:

To reduce the risks associated with Non-Human Identities (NHIs), security teams need to implement modern identity management practices, strong governance, and proactive security controls. Where possible, organizations should transition to cloud-native identities and establish a comprehensive lifecycle management strategy for NHIs that cannot be migrated. Maintaining good identity hygiene is critical — this includes removing stale or unused NHIs, conducting regular access reviews, and ensuring NHIs follow the Principle of Least Privilege (PoLP) by granting only the minimum permissions necessary.

A structured policy and enforcement program should be built around risk analysis and compliance frameworks, ensuring NHIs align with both security best practices and regulatory requirements. Adopting short-lived credentials, automated credential rotation, and managed identities can further minimize risk by limiting exposure. Collaboration with app development and DevSecOps teams is also essential to integrate these security measures without disrupting workflows, ensuring that NHIs remain secure while maintaining operational efficiency. By treating NHIs with the same level of oversight as human identities, organizations can mitigate risk while maintaining agility and scalability across their development and cloud environments.

The rise of AI agents will introduce new security challenges for NHIs. These agents often operate under machine accounts or service identities, acting on behalf of human users, which makes it difficult to track permissions, monitor usage, and enforce accountability. Without proper oversight, organizations risk losing visibility into which identities have access to critical resources and how they are being used.

The main concern is governance. If AI agents are assigned persistent, unmanaged service accounts, these identities can quickly become overprivileged and unmonitored, increasing the organization’s attack surface. To mitigate this risk, security teams should implement automated monitoring, enforce least privilege, and establish clear policies for AI-driven NHIs. By putting these guardrails in place early, organizations can embrace AI automation without compromising security.

Crystal Morin, Senior Cybersecurity Strategist at Sysdig:

Identity management has undergone a massive shift: humans now make up less than 3% of managed identities in cloud environments. The rest belong to machines that don’t log off, don’t take breaks, and often operate with elevated permissions. 

As automation and AI-driven development explode, the gap between human and machine identities is becoming one of the defining security challenges of our time.  Machine identities are ephemeral, autonomous, and often difficult to manage at scale with traditional controls, which were never designed for this speed. Identity is the primary access control, it defines an environment’s boundaries, and it’s the most common source of initial access in a breach.

To keep up, organizations must rethink identity security as a continuous, lifecycle-driven discipline. Businesses must treat machine identities as the new firewall.

Diana Kelley, Chief Information Security Officer at Noma Security:

AI risks have rapidly moved from a watch list item to a front-line security concern, especially when it comes to data security and misuse. To manage this emerging threat landscape, security teams need a mature, continuous security approach, which includes blue team programs, starting with a full inventory of all AI systems, including agentic components as a baseline for governance and risk management. 

For practitioners, securing AI is not just about protecting models. It requires addressing stack sprawl and moving toward a platform-driven approach that delivers defense in depth through unified, AI-aware identity, configuration, and data visibility. Organizations that simplify their cloud and AI security stack, and enable effective automation, will be far better positioned to safely scale AI as threats continue to evolve.

Chris Radkowski, GRC Expert at Pathlock:

The rise of AI agents and machine identities has fundamentally outpaced traditional identity security. MFA and legacy access controls were built for a world of human users, not autonomous agents, service accounts, and AI-driven workflows that now outnumber people across the enterprise by 20x. Making matters more complex, the productivity promise of AI is too compelling for employees to wait on IT, workers are signing up for AI-powered tools, copilots, and automation platforms using their enterprise credentials, connecting them directly to corporate email, productivity suites, and business applications, often without security’s knowledge.

As agentic AI takes on real business actions with real permissions, the attack surface expands in ways most organizations aren’t prepared to see, let alone secure. Credential abuse, account takeover, and sophisticated social engineering are increasingly targeting the non-human identities that operate quietly in the background with little oversight. That is why we believe that securing the modern enterprise means treating identity holistically by extending governance, least-privilege, and adaptive controls across every identity, human or machine. In the AI era, identity isn't just an IT problem. It’s the foundation of trust itself.

Randolph Barr, Chief Information Security Officer at Cequence Security: 

We’re seeing AI rapidly evolve from simple automation to deeply personalized, context-aware assistance — and it’s heading toward an Agentic AI future where tasks are arranged across domains with minimal human input. 

Before we even get to AI-specific risks, we have to get the fundamentals correct. In the haste to bring AI to market quickly, engineering and product teams often cut corners to meet aggressive launch timelines. When that happens, basic security controls get skipped, and those shortcuts make their way into production. Therefore, while organizations are indisputably starting to think about model protections, prompt injection, data leakage, and anomaly detection, those efforts mean little if you haven’t locked down identity, access, and configuration at a foundational level. 

Chandra Gnanasambandam, Chief Technology Officer at SailPoint:

Adversaries are using AI to operate at a scale and speed that makes traditional, static defenses obsolete. The window between a vulnerability’s discovery and its exploitation has shrunk from months to mere days, and soon it will be minutes.

Moving forward, security teams must look inwards. Instead of focusing exclusively on keeping threats out, we must meticulously govern what happens inside our own systems. This means abandoning the dangerous, yet common, set-it-and-forget-it approach to access policies. Teams must accept that static, persistent access is the single greatest vulnerability in the modern enterprise. The new mandate is to pivot from a mindset of static protection to one of real-time governance, either through least privilege or zero standing privilege. 

We must also recognize that governing non-human identities is fundamentally different from governing humans and requires a new, specialized framework built for machine-speed operations.

Let’s face it: You simply cannot secure what you cannot see, and right now, most enterprises are flying blind regarding the sheer volume of their non-human workforce. It is no longer enough to just track a few service accounts. Teams need to deploy discovery mechanisms capable of identifying agents across the entire digital ecosystem. They must be able to find and classify cloud agents managing infrastructure, app-level agents driving enterprise workflows, browser-based agents and extensions, and endpoint bots operating on local machines.

Furthermore, discovering that an agent simply exists is only half the battle. To truly identify an NHI’s footprint, teams must map its complete web of connectivity and identify everything it accesses — the internal tools they are authorized to execute, the SaaS apps they integrate with, and the specific data repositories they query or modify. This discovery process must also uncover and catalog the underlying credentials associated with every single one of these interactions. Whether they are API keys, OAuth tokens, or legacy embedded secrets, teams should know exactly how these agents are authenticating.

To effectively identify NHIs, teams need a system capable of continuously discovering this entire matrix: the specific type of agent, the credentials it holds, the tools and data it accesses, and the specific risk that each of those privileges poses. This holistic, continuous visibility is the only way to regain control and begin securing your non-human workforce.

Most organizations think secrets management means storing secrets in a vault. That’s table stakes, and it’s not enough. You probably don’t know how many secrets your organization has right now. API keys, tokens, encryption keys, access keys scattered across code repositories, CI/CD pipelines, Slack, Jira, wikis, and production infrastructure. If you can’t discover them, you can’t govern them. To govern secrets, organizations should: 

1. Discover everything, not just what’s in the vault. A vault is where secrets should live, not necessarily where they do live. Real secrets security requires scanning across all the places secrets end up: code repos, cloud environments, Kubernetes, collaboration tools, and anywhere developers work. The goal is a live, accurate count of every secret in your environment.
2. Add context. A secret without context is just a string. You need to know what it accesses, who owns it, where it’s being used, and whether that usage makes sense. Lineage mapping and ownership attribution are what turn a raw inventory into actionable security data.
3. Prioritize by actual risk. A production secret with broad cloud permissions and no owner is a five-alarm problem. A dev environment token with narrow scope is not. Not all secrets are equal, and your remediation queue should reflect that.
4. Flag and rotate the idle ones. Secrets that haven’t been used are silent risk. They accumulate over time, often attached to service accounts nobody remembers, and they’re exactly what attackers look for. Identifying idle and orphaned secrets before someone else finds them is one of the highest-value things a security team can do.

Secrets don’t just need to be stored, they need to be governed. Governance means knowing where they are, who’s responsible, what they can access, and whether anything looks wrong.