TL;DR: AI agents intensify familiar identity and access risks by adding autonomy, reasoning, planning, and faster access to more data across environments, according to Akeyless and Admiral Mike Rogers. The core problem is that human-first identity models no longer match machine identities that act, adapt, and scale faster than governance can review them.
At a glance
What this is: This is an independent analysis of Admiral Mike Rogers' warnings on AI agents, focused on how autonomy and scale make machine identity a new governance problem.
Why it matters: It matters because IAM, PAM, and lifecycle programmes built around human users will miss the control failures that emerge when AI agents act across systems, data sets, and decision paths.
By the numbers:
- 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools.
- 80% of identity breaches involved compromised non-human identities such as service accounts and API keys.
- 92% of organisations expose NHIs to third parties, raising concerns about supply chain security.
👉 Read Akeyless's conversation on AI agent identity risk and machine identity
Context
AI agent identity risk is the governance problem that appears when software begins to act with some independence, use multiple tools, and move across datasets and environments faster than human review cycles can keep up. The article argues that the traditional identity model, which still centres human users, is no longer enough for machine identities that now drive operational work.
The shift matters because AI agents do not only consume access, they amplify it. As the article notes, more autonomy means more data, more system reach, and more impact when identity controls fail. For identity teams, that makes agent identity, secrets, and lifecycle governance part of the same control plane rather than separate conversations.
Key questions
Q: How should security teams govern AI agent identities in enterprise environments?
A: Treat each agent as a machine identity with its own owner, scoped access, and retirement path. Governance should cover secrets, data reach, approval boundaries, and offboarding from the start. If an agent can act across systems, its identity needs the same lifecycle discipline as any other high-value non-human credential.
Q: Why do AI agents create more identity risk than traditional automation?
A: Traditional automation usually follows fixed rules and known execution paths. AI agents can reason, adapt, and act across tools, which makes their access harder to predict and review. That increases the chance that identity controls will lag actual behaviour, especially when the agent is allowed broad data access.
Q: What do teams get wrong about machine identity in AI programmes?
A: The common mistake is treating machine identity as an implementation detail instead of a governance boundary. Once an AI agent can initiate actions and consume data at scale, its credentials and permissions become part of the security model, not just the deployment stack.
Q: Who should own offboarding when an AI agent is retired or replaced?
A: Ownership should sit with the team that approved the agent's use and the identity team that governs its credentials. Offboarding needs explicit revocation of secrets, removal of system access, and confirmation that no downstream integrations still trust the agent.
Technical breakdown
Why machine identity becomes harder when agents can act
AI agents are not just automated workflows. In the article, they are described as autonomous, adaptive, and interconnected systems that can plan, reason, and act across environments. That changes the security problem from static credential protection to runtime identity governance. When an identity can choose actions and move between tools, the control question is no longer only whether access exists, but whether the access path remains bounded as the agent behaves. That is why machine identity grows from a back-end concern into an operational trust problem.
Practical implication: teams need identity controls that account for runtime behaviour, not only provisioning state.
Why secrets and data access expand with agent scale
Rogers links AI agent capability to higher data demand. The more an agent is expected to perform, the more sources it must touch, and the larger the blast radius becomes if credentials, tokens, or permissions are mis-scoped. This is a classic NHI pattern, but AI agents make it sharper because their access is often broader, more dynamic, and harder to anticipate in advance. The result is that secrets management and data access governance become inseparable from agent design.
Practical implication: treat each new agent integration as an access expansion event, not just a deployment task.
Why human-first identity models break under machine identities
The article's central point is that identity programmes are still often organised around human access even as machine identities outnumber and outpace people. That creates a mismatch between how access is granted and how it is actually used. Human identity controls assume reviewable, bounded, and traceable use by a person. Machine identities, and especially AI agents, can scale access faster than that model can observe, certify, or revoke it. This is where governance lag becomes operational risk.
Practical implication: align IAM, PAM, and lifecycle reviews to machine identity patterns instead of reusing human review cadences.
NHI Mgmt Group analysis
Machine identity is now the primary expansion surface, not a side category. The article reinforces a shift many programmes still have not operationalised: identity risk is no longer dominated by human access alone. Machine identities are growing faster than human identities, and AI agents accelerate that curve by consuming more access and acting more often. The implication is not just more inventory, but a different programme boundary for governance.
AI agents expose an access model built for requests, not initiative. The identity controls most organisations use were designed for actors that respond to approval paths or human-paced workflows. AI agents act, adapt, and connect systems without that same cadence, which means identity policy starts to lag behaviour almost immediately. Practitioners should read this as a governance mismatch, not a tooling gap.
Secrets management and machine identity governance are converging. When an AI agent's usefulness depends on broad data reach, secrets and tokens become the practical expression of trust. The article's warning is that more capability means more sensitive access, and more sensitive access means the same old credential handling mistakes create larger exposure. The field should stop treating secrets as infrastructure detail and start treating them as agent control.
Complexity is the failure multiplier in AI agent governance. Rogers' view is that the threat and the solution both get harder as systems get more complex, which is why identity simplification matters. In practice, that means governance structures that depend on too many exceptions, manual approvals, or fragmented ownership will not keep pace. The discipline now is reducing the number of ways an agent can accumulate trust.
Identity programmes need a machine-first lifecycle model before agent adoption accelerates further. The article makes clear that organisations are already building operational concepts around these systems. That means joiner-mover-leaver logic, review cycles, and offboarding assumptions must be rethought for non-human actors, not copied from human IAM. The practitioner conclusion is straightforward: lifecycle design now determines whether agent adoption remains governable.
From our research:
- 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools, according to Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which shows how weak machine identity observability still is.
- That visibility gap makes the control problem bigger than AI alone, so readers should also review 52 NHI Breaches Analysis for failure patterns that repeat across machine identity programmes.
What this signals
Machine identity programmes will start failing at the boundaries between access, data, and ownership. The article points to a governance problem that many teams still handle in separate workstreams. As AI agents spread, the programme signal to watch is whether ownership, secret handling, and data scope are being controlled as one lifecycle rather than three disconnected reviews.
Identity simplification becomes a security requirement, not an architectural preference. When the access path is too complex to explain, it is usually too complex to govern. Teams that rely on many exceptions, manual approvals, and informal ownership will find that AI agents amplify every weak assumption already present in the estate.
With 96% of organisations storing secrets outside secrets managers, per Ultimate Guide to NHIs, the operational signal is clear: agent adoption will expose dormant credential debt faster than most IAM teams can clean it up. That should push practitioners to align machine identity review, secrets handling, and offboarding around the same operating rhythm.
For practitioners
- Map every AI agent to a named identity owner Assign a business and technical owner for each agent, then tie that owner to approval, review, and revocation authority for the credentials and datasets the agent uses.
- Inventory agent credentials as a distinct NHI class Separate agent tokens, API keys, and certificates from human credentials in your inventory and review process, so machine access can be rotated, scoped, and retired on its own lifecycle.
- Limit data reach before expanding agent capability Define the smallest practical dataset and system set for each agent, then expand only when a control test shows the agent still behaves within the approved boundary.
- Build offboarding into agent rollout design Require revocation steps, secret invalidation, and access removal criteria before an agent goes live, so decommissioning is part of the operating model rather than an afterthought.
Key takeaways
- AI agents intensify identity risk because they act with more autonomy, more speed, and broader data reach than human-first IAM models expect.
- Machine identity is already a scale problem, and AI agents make it a governance problem by turning access into a live operational dependency.
- Practitioners should treat agent identity, secrets, and lifecycle controls as a single programme boundary if they want to keep AI adoption governable.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Agentic AI Top 10 and OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Agentic AI Top 10 | AI agents create runtime identity and tool-use risks that map directly to agentic AI threat modelling. | |
| OWASP Non-Human Identity Top 10 | NHI-03 | Machine identity lifecycle and secret handling are central to the article's governance concerns. |
| NIST CSF 2.0 | PR.AC-4 | Least-privilege access and identity governance are core to controlling AI agent exposure. |
Map agent permissions, tool access, and approval boundaries before deployment and revalidate after every capability change.
Key terms
- Machine identity: A machine identity is the set of credentials and trust attributes that let a non-human system authenticate and operate. In AI programmes, this includes service accounts, API keys, tokens, and certificates that may be used by agents, pipelines, and workloads to reach data or tools.
- Agent identity: Agent identity is the governance view of an AI agent as an accountable non-human actor with defined access, ownership, and lifecycle controls. It is broader than a login or token because it includes how the agent is authorised, what it can touch, and how it is revoked.
- Secrets management: Secrets management is the practice of storing, rotating, and revoking credentials in a controlled system rather than leaving them in code or other exposed locations. For AI and workload systems, weak secrets handling turns access into persistent trust debt that can outlive the service itself.
- Identity lifecycle: Identity lifecycle is the end-to-end management of an identity from creation through change, review, and retirement. For non-human and autonomous actors, lifecycle control must cover ownership, access scope, recertification, and offboarding so trust does not persist after use ends.
What's in the full article
Akeyless's full post covers the operational detail this post intentionally leaves for the source:
- The full conversation with Admiral Mike Rogers on why identity compromise remains a core attacker technique.
- The episode's discussion of how AI agents increase data demand and expand the impact of security failure.
- The practical framing from Akeyless on secretless AI agent access and why identity must be designed into the system early.
Deepen your knowledge
NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are building or maturing an IAM or identity security programme, it is worth exploring.
Published by the NHIMG editorial team on 2026-02-03.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org
