AI governance fails when non-human identity inventory is missing

At a glance

What this is: This analysis argues that AI governance fails first as a non-human identity visibility problem, because AI tools create persistent access outside standard IAM workflows.

Why it matters: For IAM and NHI teams, the practical risk is unmanaged AI-connected access that escapes provisioning, review, and offboarding controls.

By the numbers:

• 63% of organisations lack formal AI governance policies, according to IBM’s Cost of a Data Breach report.
• The average enterprise today has a 144:1 ratio of non-human to human identities, according to Clarity Security.
• 97% of organizations that reported an AI-related breach lacked proper AI access controls at the time of the incident, according to Clarity Security.

👉 Read Clarity Security's analysis of AI governance and non-human identity risk

Context

AI governance becomes an identity governance issue the moment a tool is connected to a business system. In practice, AI integrations create non-human identities with real access, and those identities often appear outside normal provisioning, review, and offboarding workflows. The primary keyword here is non-human identity, because that is where the security boundary actually moves.

The article frames shadow AI as the accelerant: teams can connect AI tools quickly, often without IT involvement, and then leave the resulting access in place. That is not a model-safety problem first. It is a visibility and control problem for IAM, NHI governance, and auditability, and the typical starting position is already behind the operational reality.

Key questions

Q: How should security teams govern AI-connected non-human identities?

A: Treat them like first-class identities with owners, scope, logging, and retirement conditions. Start with discovery across SaaS, cloud, and workflow tools, then assign least-privilege access and review it continuously. AI-connected credentials should never rely on a one-time setup or an annual audit to remain safe.

Q: Why do traditional IAM and IGA processes miss AI governance gaps?

A: They are built around human lifecycle events such as joiner, mover, and leaver. AI tools can be created outside IT, never enter the HR system, and persist after the pilot ends, so normal certification cycles often miss the orphaned access that matters most.

Q: What is the difference between human identity governance and NHI governance for AI tools?

A: Human identity governance assumes a person, a manager, and a clear employment lifecycle. NHI governance has to manage credentials, tokens, bots, and agents that can appear instantly, change scope quickly, and outlive the original use case if no one explicitly retires them.

Q: When does AI adoption create more identity risk than value?

A: Risk rises when teams can connect AI tools faster than they can inventory, review, and revoke their access. If the organisation cannot answer who provisioned the identity, what it can reach, and when it will be removed, the governance debt is already overtaking the benefit.

Technical breakdown

Why AI tools become unmanaged non-human identities

When an AI tool is connected to a CRM, data warehouse, or workflow system, it usually authenticates as a service account, OAuth app, token, or other non-human identity. That identity can persist independently of the original pilot or use case, which means access outlives the person who set it up. The failure mode is not exotic. It is the ordinary combination of easy integration, weak ownership, and no lifecycle trigger for removal. In IAM terms, the system creates a durable entitlement without a matching human lifecycle event to retire it.

Practical implication: Practitioners need to treat every AI integration as an identity object with an owner, expiry logic, and review path.

Why human-centric IGA breaks on AI-connected access

Traditional IGA assumes a person joins, changes roles, or leaves, and that a manager can certify the access. Non-human identities do not follow that pattern. They are created during experimentation, they may never enter the HR system, and they often have no clear business owner once the original project ends. Quarterly certification cycles therefore miss the most important failure mode: orphaned access that remains valid even though the business need has ended. Without continuous discovery, the governance program can certify what it already knows while missing what was created outside process.

Practical implication: Teams should extend IGA with continuous discovery and ownership mapping for AI-connected identities.

How visibility becomes the control plane for NHI governance

Visibility is the control plane because you cannot apply least privilege, rotation, or revocation to identities you cannot enumerate. The article’s core claim is that shadow AI bypasses central IT, which means inventory has to come from detection across cloud, SaaS, and developer workflows, not only from approved onboarding channels. Once discovered, each identity should be tied to access scope, logging, and a retirement condition. This is the operational difference between governance as a policy statement and governance as an enforceable system.

Practical implication: Security teams should build a live inventory of AI-connected identities before trying to optimise policy or certification cadence.

Breaches seen in the wild

• Cisco DevHub NHI breach — IntelBroker exploited exposed Cisco credentials, API tokens and keys in DevHub.
• DeepSeek breach — DeepSeek breach exposed 1M+ log lines and sensitive secret keys.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.

NHI Mgmt Group analysis

AI governance is now an NHI governance problem, not a policy exercise. The article is correct to push the conversation away from abstract AI risk and toward identity control. Once a tool can touch customer data or business systems, it becomes an access subject that needs provisioning, monitoring, and retirement. The discipline that matters is the one that can inventory and govern that access end to end.

Shadow AI creates identity blast radius faster than most programmes can review it. Department-level adoption means the first control failure is usually visibility, not a weak password or a missing model guardrail. The more teams can self-enable integrations, the more the organisation accumulates access that no one can confidently explain later. Practitioners should assume blast radius grows faster than review cycles unless discovery is continuous.

NHI lifecycle management is the missing operating model for AI-connected access. Human-centric joiner-mover-leaver thinking does not retire a bot, token, or agent that was spun up for a pilot and forgotten. The new control pattern has to include discovery, ownership assignment, expiry, rotation, and offboarding for every AI-connected identity. That is the governance baseline, not an advanced maturity goal.

Auditability will become the forcing function for AI adoption. The article’s emphasis on board and examiner questions reflects where this is heading in practice. Organisations will need to prove what AI identities exist, what they can reach, and when they were last reviewed. If they cannot produce that evidence, adoption remains operationally fragile regardless of how capable the AI tool itself is.

From our research:

• 70% of organisations grant AI systems more access than they would give a human employee performing the exact same job, according to the 2026 Infrastructure Identity Survey.
• Only 13% of organisations feel extremely prepared for the reality of agentic AI, according to the 2026 Infrastructure Identity Survey.
• For the operational control side of the equation, see NHI Lifecycle Management Guide for lifecycle, rotation, and offboarding practices.

What this signals

Identity blast radius is now the right lens for AI governance. With 70% of organisations already granting AI systems more access than human employees, the issue is no longer whether AI should be allowed into the environment. The issue is whether access can be constrained, reviewed, and revoked before the blast radius becomes invisible. Teams that can enumerate AI-connected identities will be able to govern adoption without slowing it to a halt.

The practical signal for IAM and NHI programmes is that AI inventory must become operational, not periodic. Discovery has to span cloud, SaaS, and low-friction business integrations because that is where shadow adoption accumulates. If access is not linked to an owner and a retirement condition, the organisation is already carrying unowned privilege.

As organisations move toward broader agentic adoption, the governance model should align to standards such as the NIST Cybersecurity Framework 2.0 and the OWASP Non-Human Identity Top 10. That combination pushes teams toward discovery, least privilege, logging, and lifecycle controls rather than treating AI access as a one-off exception.

For practitioners

• Build a live AI-connected identity inventory Scan cloud, SaaS, and workflow platforms for service accounts, OAuth apps, API tokens, bots, and agent credentials that were created outside standard onboarding. Tie each identity to a business owner and an expiry condition so discovery leads to action, not just reporting.
• Extend access reviews beyond human users Add non-human identities to certification, but do not rely on quarterly review alone. Use continuous logging and event-driven reviews for AI tools that can be connected in minutes and forgotten for months.
• Enforce least privilege on every AI integration Grant only the minimum access required for the task, and separate read from write where the workflow allows it. Reassess scopes after pilot phases because temporary experimentation is where most over-privilege begins.
• Define offboarding triggers for AI identities Create explicit retirement rules for dormant integrations, ended pilots, and tools no longer tied to an approved use case. Offboarding should revoke credentials, remove entitlements, and record the reason for closure.

Key takeaways

• AI governance fails early when organisations cannot see the non-human identities created by AI tools.
• The largest risk is not theoretical model misuse, but persistent access that escapes normal IAM lifecycle controls.
• Practitioners should prioritise discovery, ownership, least privilege, and offboarding before scaling AI adoption further.

Key terms

• Non-Human Identity: A non-human identity is any credentialed entity that accesses systems without being a person, including service accounts, API keys, tokens, certificates, bots, and AI agents. In governance terms, it is an access object that still needs ownership, scope control, and retirement.
• Shadow AI: Shadow AI is AI use inside an organisation that security, IT, or governance teams have not formally discovered or approved. It often appears through low-friction integrations that create new identities and access paths outside standard onboarding and review processes.
• Identity Blast Radius: Identity blast radius is the amount of data, systems, and operational capability a credential or agent can reach if misused or compromised. In NHI programmes, it is shaped by privilege scope, token lifetime, monitoring depth, and how quickly access can be revoked.
• NHI Lifecycle Management: NHI lifecycle management is the discipline of provisioning, monitoring, rotating, certifying, and offboarding machine identities throughout their useful life. It extends IAM beyond people so bots, tokens, and agents do not become permanent, unreviewed access paths.

What's in the full article

Clarity Security's full blog post covers the operational detail this post intentionally leaves for the source:

• A practical walkthrough of how the vendor inventories AI-connected identities across environments.
• Examples of how the platform assigns ownership and flags inactive or over-privileged identities.
• Details on how access risk is assessed for service accounts, OAuth apps, AI agents, and API tokens.
• Board- and examiner-facing framing for answering who provisioned access and whether it can be revoked.

👉 The full Clarity Security post covers inventory, ownership, and access review details for AI-connected identities.

Deepen your knowledge

AI governance and non-human identity lifecycle management are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are trying to close the visibility gap before AI adoption spreads further, it is worth exploring.