The Great Divide is a shorthand for the widening gap between organisations that treat identity as static administration and those that use it as adaptive infrastructure. It describes a maturity and business-performance split, not a vendor category, and it becomes sharper as AI and machine identities grow.
Expanded Definition
The Great Divide names the operational split between organisations that still manage identities as tickets, spreadsheets, and periodic reviews, and those that treat identity as a live control plane for applications, agents, and service accounts. In NHI security, this distinction matters because machine identities are not edge cases anymore; they are core infrastructure with execution authority. The phrase is descriptive rather than formal, so usage in the industry is still evolving, but it maps cleanly to modern identity governance, Zero Trust, and lifecycle automation. The most useful lens is whether identity controls are reactive administration or continuous policy enforcement aligned to NIST Cybersecurity Framework 2.0. NHIMG’s research on the Ultimate Guide to NHIs shows why this gap keeps widening: NHIs outnumber human identities by 25x to 50x in modern enterprises. The most common misapplication is using the term as a vague maturity slogan, which occurs when teams talk about “modern identity” without changing how secrets, service accounts, and agent permissions are governed.
Examples and Use Cases
Implementing Great Divide thinking rigorously often introduces organisational friction, because it requires replacing familiar manual processes with continuous controls and clearer accountability across security, platform, and engineering teams.
- An enterprise still approves API keys by email after deployment, while a more mature peer provisions them through policy, rotation, and offboarding workflows tied to workload identity.
- A cloud-native team uses NHIMG guidance on NHI lifecycle control to separate credential issuance from application release cycles, rather than leaving secrets embedded in CI/CD pipelines.
- Security leaders compare their current state against NIST Cybersecurity Framework 2.0 to see whether identity is being measured as an adaptive control, not just an inventory item.
- A company that suffered a service account compromise revises its access model so agents and automation tools receive short-lived privileges instead of standing access.
- After reviewing the JetBrains GitHub plugin token exposure, a platform team adds secret discovery and remediation checks to its release pipeline.
Why It Matters in NHI Security
The Great Divide matters because the failure mode is not theoretical drift; it is measurable exposure. NHIMG reports that 97% of NHIs carry excessive privileges, and that level of overreach is exactly what persists when identity is handled as administration instead of infrastructure. The result is a broader blast radius, weaker accountability, and slower containment when tokens, certificates, or service accounts are abused. Organisations that understand the divide tend to build for rotation, visibility, and least privilege from the start, while lagging organisations discover gaps only after a breach exposes how many identities were never inventoried, never revoked, or never tied to ownership. That is why identity maturity and operational resilience now move together, especially in environments where automation and AI agents can act faster than human review cycles. The governance lesson aligns with NIST Cybersecurity Framework 2.0 and NHIMG’s broader NHI research on lifecycle discipline. Organisations typically encounter the Great Divide only after a token leak, service account misuse, or agent runaway event, at which point addressing identity governance becomes operationally unavoidable.
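As an added illustration (not NHIMG's code or tooling), the following Python audit applies the checks this section and the use cases above name, ownership, rotation, least privilege, standing access and revocation, to a constructed NHI inventory, turning a periodic review into a repeatable control; the record fields, thresholds and sample identities are assumptions.

```python
from __future__ import annotations
from dataclasses import dataclass
from datetime import date

# Constructed inventory record; field names and semantics are assumptions.
@dataclass
class NHI:
    name: str
    owner: str | None      # accountable human or team; None = never tied to ownership
    issued: date           # issue date of the current credential
    max_age_days: int      # rotation policy for this credential type
    privileges: set[str]   # permissions granted
    needed: set[str]       # permissions the workload actually uses
    ttl_hours: int | None  # None = standing access with no expiry
    active: bool           # False = workload decommissioned, identity not revoked

def audit(nhi: NHI, today: date) -> list[str]:
    """Return the control gaps for one identity; an empty list passes every check."""
    gaps = []
    if nhi.owner is None:
        gaps.append("no-owner")
    if (today - nhi.issued).days > nhi.max_age_days:
        gaps.append("rotation-overdue")
    if nhi.privileges - nhi.needed:          # granted but unused permissions
        gaps.append("excess-privilege")
    if nhi.ttl_hours is None:
        gaps.append("standing-access")
    if not nhi.active:
        gaps.append("not-revoked")
    return gaps

def posture(inventory: list[NHI], today: date) -> dict:
    """Summarise how many identities fail at least one check, with per-identity findings."""
    findings = {n.name: audit(n, today) for n in inventory}
    failing = sum(1 for g in findings.values() if g)
    return {"total": len(inventory), "failing": failing, "findings": findings}

# Constructed sample inventory: one well-governed identity, two typical lagging ones.
TODAY = date(2025, 6, 1)
INVENTORY = [
    NHI("ci-deployer", "platform-team", date(2025, 5, 20), 90, {"deploy"}, {"deploy"}, 1, True),
    NHI("legacy-api-key", None, date(2024, 1, 15), 90, {"read", "write", "admin"}, {"read"}, None, True),
    NHI("report-bot", "finance-eng", date(2025, 4, 1), 90, {"read"}, {"read"}, None, False),
]

if __name__ == "__main__":
    for name, gaps in posture(INVENTORY, TODAY)["findings"].items():
        print(name, "OK" if not gaps else ", ".join(gaps))
```

Running the same audit on every provisioning event, rather than at review time, is the difference between administration and a live control plane.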
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-01 | Defines NHI lifecycle and privilege weaknesses that create the maturity gap. |
| NIST CSF 2.0 | PR.AC | Access control outcomes distinguish reactive identity administration from adaptive enforcement. |
| NIST Zero Trust (SP 800-207) | Zero Trust depends on continuous identity verification rather than standing trust. | Eliminate implicit trust by requiring policy checks and short-lived access for all workloads and agents. |