By NHI Mgmt Group Editorial Team | Published 2026-04-07 | Domain: Governance & Risk | Source: Cyera

TL;DR: AI governance breaks down when data is dispersed across SaaS, cloud, and on-prem environments, and when non-human identities can reach sensitive data faster than manual controls can track, according to Cyera. The practical shift is from policy-only governance to continuous discovery, permission right-sizing, and runtime protection as the baseline for control.


At a glance

What this is: Cyera argues that AI governance now depends on continuous data discovery, right-sized permissions, and real-time protection because fragmented data estates and over-privileged humans and machines create unmanaged exposure.

Why it matters: For IAM and NHI practitioners, the message is that access governance cannot be treated separately from data visibility when AI systems and service accounts can move sensitive data at speed.



Context

AI governance is no longer just a policy problem. It is a visibility problem created by data spread across SaaS, cloud, and legacy systems, combined with human and non-human identities that can touch sensitive data faster than governance teams can review it. In NHI management terms, the issue is not only who gets access, but whether the organisation can see where access is used and whether it matches policy.

Cyera frames the problem around CDO accountability, but the operational lesson is broader: AI changes the pace of data movement, while service accounts, agents, and embedded automations expand the number of identities that can move it. That combination makes manual approval queues and spreadsheet-based oversight too slow for meaningful control. For teams building an NHI governance programme, this is a familiar failure mode, just amplified by AI.

The starting position described in the article is typical of large enterprises, not exceptional. Fragmented ownership, unclear data lineage, and over-privileged accounts are common conditions, which is why AI governance now has to be treated as an identity and data problem together.


Key questions

Q: How should security teams govern AI agents that can access sensitive data?

A: Security teams should govern AI agents as privileged non-human identities with bounded purpose, short-lived permissions, and observable data paths. The practical model is continuous discovery, right-sized access, and runtime enforcement so that the agent can only touch the data needed for its task and cannot quietly expand its reach over time.

Q: Why do AI workflows make traditional IAM controls less effective?

A: Traditional IAM controls assume slower change, clear ownership, and periodic review. AI workflows break those assumptions because they can move data quickly, act inside trusted platforms, and rely on service accounts or agents that outlive the task they were created for. That creates standing exposure that manual governance usually misses.

Q: What breaks when NHI permissions are not tied to data context?

A: When NHI permissions are detached from data context, organisations lose visibility into which identities can reach sensitive information, where that information moves, and whether the resulting access matches policy. The usual result is over-privilege, weak audit trails, and a larger blast radius when an account or agent is misused.

Q: How do organisations know whether AI governance is actually working?

A: AI governance is working when teams can prove that data access, identity permissions, and runtime controls line up with policy in practice. A useful test is whether the organisation can answer who accessed what, through which identity, and whether any out-of-policy movement was blocked or detected in time.


Technical breakdown

Why AI governance becomes an NHI visibility problem

AI systems do not simply consume data. They create new access paths through copilots, agents, APIs, and embedded automations that sit between users and sensitive systems. That matters for NHI governance because the effective control point becomes the identity that is allowed to retrieve, transform, or forward data, not just the application hosting the model. When visibility is limited to network endpoints or manual inventories, teams lose the ability to tie action back to identity, policy, and data context. Practical implication: treat every AI-connected identity as part of the access control plane.

Practical implication: Map AI access back to the NHI that executes it, then validate that each identity has a bounded purpose and traceable data path.

What right-sized permissions mean for service accounts and agents

Right-sized permissions are not the same as traditional least privilege reviews. In an AI environment, a service account or agent may need temporary, task-scoped access to datasets, but that access must be constrained to the smallest usable set of actions and data. The governance failure usually appears when a machine identity inherits broad rights from a platform role, then keeps them long after the task is complete. That creates standing exposure, larger blast radius, and poor auditability. Practical implication: align data permissions to the job the identity must perform, not to the system it happens to run on.

Practical implication: Review machine identity entitlements for task scope, duration, and data sensitivity, then remove standing rights that are not operationally necessary.
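One way to run the entitlement review described above, as an added example that is not code from Cyera or NHI Mgmt Group. The `Grant` fields, the eight-hour task window, the scoring weights, and the sample inventory are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

SENSITIVITY = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}

@dataclass(frozen=True)
class Grant:
    identity: str                 # service account or agent name (hypothetical)
    dataset: str
    sensitivity: str              # key of SENSITIVITY
    actions: frozenset            # actions actually granted
    needed: frozenset             # actions the declared task requires
    expires: Optional[datetime]   # None means standing access
    inherited: bool               # True if granted via a broad platform role

def review(grants, now, max_ttl=timedelta(hours=8)):
    """Return findings as (score, identity, dataset, reasons), highest risk first."""
    findings = []
    for g in grants:
        reasons = []
        excess = g.actions - g.needed
        if excess:
            reasons.append("excess actions: " + ",".join(sorted(excess)))
        if g.expires is None:
            reasons.append("standing access (no expiry)")
        elif g.expires - now > max_ttl:
            reasons.append("expiry beyond task window")
        if g.inherited:
            reasons.append("inherited from platform role")
        if reasons:
            # Weight the number of problems by data sensitivity (assumed scoring).
            score = len(reasons) * (1 + SENSITIVITY[g.sensitivity])
            findings.append((score, g.identity, g.dataset, reasons))
    return sorted(findings, key=lambda f: (-f[0], f[1], f[2]))

NOW = datetime(2026, 4, 7, 12, 0, tzinfo=timezone.utc)  # constructed review time
GRANTS = [  # constructed inventory, not real data
    Grant("svc-etl", "hr_payroll", "restricted",
          frozenset({"read", "write", "export"}), frozenset({"read"}), None, True),
    Grant("agent-support-copilot", "tickets", "internal",
          frozenset({"read"}), frozenset({"read"}), NOW + timedelta(hours=2), False),
    Grant("agent-report-bot", "sales_crm", "confidential",
          frozenset({"read"}), frozenset({"read"}), NOW + timedelta(days=90), False),
]

if __name__ == "__main__":
    for score, ident, ds, reasons in review(GRANTS, NOW):
        print(score, ident, ds, "; ".join(reasons))
```

The task-scoped, short-lived grant produces no finding; the inherited standing grant on restricted data ranks first for removal.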

How runtime protection limits data exposure in AI workflows

Runtime protection is the last control layer when preventive policy is not enough. It inspects prompts, responses, and data movement as they happen, blocking or redacting high-risk content before it leaves approved boundaries. For NHI security, this matters because autonomous workflows can make decisions faster than humans can intervene, especially when the identity is embedded inside a business platform. The architectural point is simple: discovery tells you what exists, permissions shape what can happen, and runtime controls decide what must be stopped in the moment. Practical implication: use runtime guardrails to catch out-of-policy transfers even when the identity is sanctioned.

Practical implication: Pair discovery with inline enforcement so that AI-driven access cannot bypass policy simply because it is technically authorised.
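A sketch of the inline enforcement step described above, as an added example that is not code from Cyera or NHI Mgmt Group. The detector patterns, the `APPROVED` destination policy, the identity names, and the sample messages are assumptions constructed for illustration; a production guardrail would use a proper classification engine rather than three regexes.

```python
import re

# Illustrative detectors only (assumed patterns, not a complete DLP rule set).
DETECTORS = {
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
    "us_ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "secret_key": re.compile(r"\bsk_[A-Za-z0-9]{16,}\b"),
}
BLOCK_ON = {"secret_key"}  # never forwarded, whatever the destination

# Hypothetical policy: destinations each sanctioned identity may send data to.
APPROVED = {"agent-support-copilot": {"internal-chat", "ticketing"}}

def enforce(identity, destination, text, audit):
    """Decide allow/redact/block for one outbound message and record the decision."""
    hits = sorted(name for name, rx in DETECTORS.items() if rx.search(text))
    in_boundary = destination in APPROVED.get(identity, set())
    if not hits:
        decision, out = "allow", text
    elif BLOCK_ON & set(hits) or not in_boundary:
        # Sensitive content leaving the approved boundary, or a secret anywhere.
        decision, out = "block", ""
    else:
        out = text
        for name in hits:
            out = DETECTORS[name].sub(f"[REDACTED:{name}]", out)
        decision = "redact"
    # The audit record ties the action to identity, destination and outcome.
    audit.append({"identity": identity, "destination": destination,
                  "decision": decision, "findings": hits})
    return decision, out

SAMPLES = [  # constructed messages, not real data
    ("ticketing", "Customer jane.doe@example.com, SSN 123-45-6789, asked about refunds."),
    ("external-llm", "Contact jane.doe@example.com"),
    ("ticketing", "key sk_EXAMPLEEXAMPLE1234 leaked"),
    ("ticketing", "Refund policy is 30 days."),
]

def run_samples():
    audit = []
    results = [enforce("agent-support-copilot", d, t, audit) for d, t in SAMPLES]
    return results, audit

if __name__ == "__main__":
    for decision, text in run_samples()[0]:
        print(decision, repr(text))
```

The identity is sanctioned in every sample, yet two of the four transfers are blocked and one is redacted, and the audit list records which identity attempted each one.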


  • Cisco DevHub NHI breach — IntelBroker exploited exposed Cisco credentials, API tokens and keys in DevHub.
  • DeepSeek breach — exposed 1M+ log lines and sensitive secret keys.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.


NHI Mgmt Group analysis

AI governance has become an identity governance problem because machine access now moves faster than manual review. The article is strongest when it links governance failure to the pace of AI adoption, not to abstract policy design. Once service accounts, agents, and embedded copilots can touch production data at speed, the decisive question becomes whether identity permissions still match the data they can reach. Practitioners should treat NHI access as part of AI governance, not as a separate hygiene task.

Data discovery is the missing control layer in most NHI programmes. Organisations often know they have service accounts, tokens, and agents, but not where those identities can move sensitive data or which datasets they can reach through shadow tools. That is a governance blind spot, not just an inventory problem. The field needs continuous discovery tied to access context, because static reviews cannot keep up with AI-enabled data movement. Practitioners should prioritise discovery that links identities to data paths.

Data DNA is a useful concept for describing the policy-to-runtime gap. The phrase captures the need to understand where data originates, how it is transformed, and which identities touch it along the way. That is a stronger model than perimeter-based protection because AI workflows reuse data across systems and surfaces. For NHI governance teams, the practical consequence is that permissioning and monitoring must follow the data, not just the platform.

Standing privilege is becoming the default failure mode for AI-connected identities. When service accounts and agents inherit broad access to make workflows easy, the organisation trades operational convenience for persistent exposure. That is especially dangerous when AI tools can act inside trusted business systems and move data without obvious human intervention. The correct response is not more manual approval, but a shift toward bounded, observable, task-scoped access. Practitioners should make standing access exceptions visible and time-limited.

Shadow AI widens the governance gap because unsanctioned tools create unsanctioned identities. Once employees can attach sensitive content to external tools, the organisation loses both visibility and policy enforcement at the same time. The issue is not only exfiltration. It is that hidden workflows create unmanaged access patterns that existing IAM processes do not record. Practitioners should assume that any unapproved AI surface may also hide an unmanaged NHI path.

From our research:

  • 85% of organisations lack full visibility into third-party vendors connected via OAuth apps, according to The State of Non-Human Identity Security.
  • A separate finding in the same report shows that only 1.5 out of 10 organisations are highly confident in securing NHIs, which underscores how thin current governance coverage remains.
  • For a broader governance lens, see the NHI Lifecycle Management Guide for the controls that should anchor provisioning, rotation, and offboarding.

What this signals

The practical signal for security teams is that AI governance will increasingly be judged by evidence, not by policy documents. If an organisation cannot trace where sensitive data went, which non-human identity touched it, and whether the action was approved in context, then the governance programme is incomplete. The next phase of NHI management is observable control, not policy intent.

Identity blast radius: the range of data and actions a machine identity can affect once it is granted access. As AI copilots and agents inherit wider permissions, that blast radius becomes the metric that matters most for prioritisation. Teams should focus on identities that can reach high-value datasets first, then shrink the scope of those rights before new AI workflows scale further.

For programme owners, the issue is convergence. Data discovery, access review, and runtime enforcement can no longer live in separate workstreams because AI turns them into one continuous control loop. That makes governance measurable in operational terms, which is where frameworks such as the NIST Cybersecurity Framework 2.0 and the OWASP Non-Human Identity Top 10 become most useful.


For practitioners

  • Implement continuous AI and NHI discovery: Build an inventory that links AI tools, service accounts, and data repositories so teams can see who or what can reach sensitive information in real time.
  • Right-size permissions before AI access expands: Review machine identities for task scope, remove broad inherited roles, and align access with the minimum dataset and action set required for each workflow.
  • Add runtime guardrails for data movement: Block, redact, or route high-risk prompts and responses in-line when AI workflows try to move PII, intellectual property, or regulated content outside policy.
  • Treat shadow AI as an identity risk: Extend governance checks to unsanctioned tools and embedded copilots because hidden AI usage can create unmanaged access paths that never enter standard review queues.

Key takeaways

  • AI governance fails fastest where data is distributed and non-human identities can move it faster than manual review.
  • Visibility into identity and data context is now a control requirement, not an optional maturity goal.
  • Practitioners should pair discovery, right-sized permissions, and runtime enforcement to reduce the blast radius of AI-driven access.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST AI RMF set the governance and control requirements practitioners need to meet.

Framework | Control / Reference | Relevance
OWASP Non-Human Identity Top 10 | NHI-03 | AI agents and service accounts need bounded, reviewable permissions.
NIST CSF 2.0 | PR.AC-4 | The post centers on right-sizing access and controlling who can reach data.
NIST AI RMF |  | The article is about governance, accountability, and monitoring for AI systems.

Tie every AI-connected identity to least privilege and remove standing access outside task scope.


Key terms

  • Data DNA: The full path and context of data as it is discovered, transformed, moved, and consumed across an organisation. In NHI governance, it is the practical way to connect identity permissions to real data movement so that policy, visibility, and runtime controls can be evaluated together.
  • Shadow AI: AI tools and agents that are used without central visibility or approval. These systems often sit outside normal governance workflows, which means they can create unmanaged data exposure, uncontrolled access paths, and identity activity that security teams never see in standard reviews.
  • Identity blast radius: The total scope of data, systems, and actions a human or non-human identity can influence once access is granted. For NHI programmes, it is a useful way to measure how quickly a single over-privileged account or agent can turn a local mistake into a broader incident.
  • Runtime protection: Controls that inspect and enforce policy while an action is happening, rather than after the fact. In AI governance, runtime protection can block, redact, or route sensitive data requests and responses before an agent or application moves information beyond approved boundaries.

Deepen your knowledge

AI governance, data visibility, and non-human identity controls are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are building a governance programme around the same access and data problems, it is worth exploring.

This post draws on content published by Cyera: What Keeps CDOs Up at Night: The Visibility Gap. Read the original.
