By NHI Mgmt Group Editorial Team
Published 2026-03-18
Domain: Governance & Risk
Source: Delinea

TL;DR: AI adoption is pushing 90% of organisations to loosen identity controls, even as 80% say they cannot always explain why an NHI performed a privileged action and 59% lack alternatives to standing access, according to Delinea research. The governance problem is no longer visibility in the abstract; it is whether identity programmes can keep pace with AI-driven privilege use without weakening control boundaries.


At a glance

What this is: Delinea’s research says AI adoption is widening identity visibility gaps and weakening privilege governance around NHIs and AI agents.

Why it matters: For IAM, NHI, and AI governance teams, this matters because AI adoption is now colliding with standing privilege, weak traceability, and discovery gaps in the same control plane.

By the numbers:

👉 Read Delinea's report on hidden AI identity risks and governance gaps


Context

AI identity governance is the discipline of controlling what AI-driven identities can do, when they can do it, and how those actions are verified. The problem Delinea identifies is a familiar one in new form: organisations are scaling AI faster than they are tightening identity controls, so visibility, privilege review, and accountability lag behind the automation they are supposed to govern.

This is not just an AI operations issue. It cuts across NHI governance, privileged access management, and lifecycle control because AI agents behave like non-human identities once they are given credentials, tool access, or production permissions. For teams already managing service accounts and machine identities, the pressure to loosen controls for AI adds another layer of risk to an already difficult operating model.


Key questions

Q: What breaks when AI systems rely on standing privilege for production access?

A: Standing privilege breaks the assumption that access can be reviewed before it is used. AI systems can execute repeated privileged actions faster than review cycles can respond, which leaves persistent permissions in place after the operational need has passed. That creates larger exposure windows, weaker accountability, and more difficulty proving that access was justified.

Q: Why do AI identities complicate existing IAM and PAM controls?

A: AI identities complicate IAM and PAM because they can combine non-human speed, delegated tool access, and production privileges in one workflow. That makes entitlement review, approval gates, and audit evidence harder to align with actual behaviour. The controls still matter, but they need to follow runtime use, not just provisioning records.

Q: How can security teams tell whether AI identity governance is actually working?

A: Teams should look for evidence that identity discovery, privilege use, and review outcomes line up. If the organisation can identify an AI identity but cannot explain its privileged actions or validate them in real time, governance is only partial. Effective control means the programme can both enumerate access and verify behaviour under operational load.

Q: Who should own AI identity decisions when human, machine, and agentic access overlap?

A: Ownership should sit with the team responsible for the full access path, not with separate owners for each credential type. When AI workflows use human approvals, machine identities, and production privileges together, fragmented ownership creates gaps in accountability. Governance must be assigned to one control owner with authority across lifecycle, access, and audit.


Technical breakdown

Why AI identity discovery fails in real environments

Identity discovery depends on being able to enumerate what identities exist, where they are used, and which systems can exercise them. In AI-heavy environments, that becomes harder because the identity may be transient, embedded in orchestration, or represented by multiple linked credentials across tools and services. When nearly 90% of respondents report at least one identity visibility gap, the issue is not only inventory quality. It is that AI-driven automation creates identities faster than governance teams can classify, monitor, and recertify them.

Practical implication: treat AI identity discovery as a continuous control, not a one-time inventory exercise.

Standing privilege and AI agents

Standing privilege means permissions remain active before they are needed and after the task is complete. That model persists because many organisations still lack workable alternatives for NHIs and AI agents, which turns every delegated action into a broader exposure window. For AI, the problem is sharper because tool use can be triggered repeatedly and at speed, making persistent permissions easier to abuse and harder to justify. The result is not only excess access but poor evidence of why access was exercised in the first place.

Practical implication: replace persistent access paths with task-scoped authorization and short-lived entitlements wherever AI systems touch production.

Why privileged AI actions are hard to audit

Auditability is more than logging that a credential was used. Security teams need enough context to explain why the action occurred, which identity initiated it, what data or tools were touched, and whether the behaviour matched expected policy. Delinea’s finding that 80% of organisations cannot always explain privileged NHI actions shows a traceability gap, not just a reporting gap. If an AI system can invoke privileges but the governance layer cannot reconstruct intent and sequence, accountability breaks down even when access technically succeeds.

Practical implication: require action-level traceability for AI and NHI privileges, including context, correlation, and reviewable evidence.


Threat narrative

Attacker objective: The attacker objective is to abuse AI-enabled identity sprawl to gain persistent, hard-to-audit access to production systems and data.

  1. Entry through AI-driven identities that inherit credentials or access from human-controlled automation and orchestration paths.
  2. Escalation through standing privileged access that lets NHIs and AI agents retain permissions beyond a single task or session.
  3. Impact through privileged actions that cannot always be explained, traced, or confidently validated in real time.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.


NHI Mgmt Group analysis

Loosened identity controls are becoming the default tax on AI adoption. When 90% of organisations feel pressure to relax controls so AI can move forward, governance has stopped being a guardrail and started behaving like a bottleneck that business leaders routinely override. The problem is not that identity controls are obsolete. The problem is that AI deployment now depends on weakening them first, which signals a governance failure rather than a technology one. Practitioners should treat this as a policy break, not a tuning issue.

Standing privilege is the wrong default for AI agents and NHIs. Standing access was designed for identities whose activity could be scheduled, reviewed, and constrained over longer operating windows. That assumption fails when AI-driven identities can trigger privileged actions repeatedly and at runtime, often before a review cycle can even begin. The implication is that access models built around persistent entitlement no longer describe the actual risk surface.

Actionability, not visibility, is the real control gap. Organisations can say they discovered an identity and still not know whether the resulting privilege use was expected, justified, or contained. The article’s confidence paradox shows that many teams believe they are ready for AI even while admitting their AI governance is deficient. That gap matters because mature-looking inventories can mask weak operational control. Practitioners should measure whether identity governance produces decisions, not just records.

Runtime governance gap: AI-driven automation creates a category of identity behaviour that exists between provisioning and review, where conventional access governance has no stable checkpoint. This is where human IAM assumptions, NHI lifecycle controls, and PAM review cycles all fail to line up cleanly. The governance consequence is that security teams need a control model that follows execution, not just entitlement.

Cross-domain identity pressure is now structural. AI adoption is collapsing the separation between human access governance, machine identity management, and privileged access operations. In practice, a single AI workflow can consume human approvals, NHI credentials, and production privileges in one chain. The field should stop treating these as separate programmes and start governing them as one identity surface. Practitioners should rework ownership and control boundaries accordingly.

From our research:

  • 72% of organisations have experienced or suspect they have experienced a breach of non-human identities, according to The 2024 ESG Report: Managing Non-Human Identities.
  • Enterprises that have experienced a compromised NHI averaged 2.7 separate incidents in the past 12 months, according to the same report.
  • For a broader control baseline, see Ultimate Guide to NHIs for the visibility, rotation, and over-privilege patterns that keep recurring.

What this signals

AI trust debt: the more organisations relax identity controls to accelerate AI, the more technical debt they accumulate in governance, audit, and lifecycle management. The immediate signal for practitioners is not just greater exposure, but a rising cost to re-establish control later, because access paths become embedded in production workflows before review models are adapted.

The practical response is to treat AI identity governance as a joint problem across privileged access, workload identity, and lifecycle offboarding. The organisations most likely to stay ahead will be those that make real-time validation part of normal operations rather than a special audit exercise. For a baseline on recurring NHI failure patterns, the 52 NHI Breaches Analysis remains useful context.

Identity teams should also expect the boundary between human approvals and machine execution to keep blurring. Where AI agents touch production systems, governance must be explicit about who owns the access path, who can revoke it, and what evidence proves the action was legitimate. That is the difference between using AI and governing it.


For practitioners

  • Inventory AI-exposed identities continuously: Track every identity used by AI workflows, including service accounts, tokens, certificates, and delegated automation accounts. Reconcile discovery against production usage so gaps are visible before permissions proliferate.
  • Remove standing privilege from AI execution paths: Move AI access to task-scoped authorization with short-lived entitlements, and block persistent permissions where the system can request access only when a job begins.
  • Require explainable privileged actions: Capture enough session context to reconstruct why a privileged action occurred, which identity initiated it, and what resources were touched. If the activity cannot be explained after the fact, it is not governable.
  • Align AI governance with PAM and lifecycle controls: Assign ownership for AI identities, define offboarding for retired workflows, and recertify access on the same cadence used for other high-risk non-human identities.
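As an added example that is not Delinea's or NHI Mgmt Group's code, the following Python authorizer shows the controls from the technical breakdown and the practitioner list working together: a grant is issued only when a task begins and is revoked when it ends, every privileged action is decided at runtime and recorded with enough context to explain it afterwards, and identities observed exercising access are reconciled against the inventory to surface visibility gaps. The identity names, task ids, actions and TTLs are constructed placeholders.

```python
import time

class RuntimeAuthorizer:
    """Task-scoped grants, runtime decisions, and an explainable action trace."""

    def __init__(self, inventory, clock=time.time):
        self.inventory = set(inventory)  # identities known to governance
        self.clock = clock               # injectable so expiry can be tested
        self.grants = {}                 # (identity, task_id) -> (actions, expires_at, approved_by)
        self.log = []                    # one record per decision, allow or deny
        self.observed = set()            # identities seen exercising access

    def issue(self, identity, task_id, actions, approved_by, ttl_s):
        """Grant access only when a job begins, limited to its actions and TTL."""
        self.grants[(identity, task_id)] = (frozenset(actions), self.clock() + ttl_s, approved_by)

    def complete(self, identity, task_id):
        """Revoke at task end so nothing stands after the need has passed."""
        self.grants.pop((identity, task_id), None)

    def authorize(self, identity, task_id, action, resource):
        """Decide at the moment of use and record who/what/why either way."""
        self.observed.add(identity)
        grant = self.grants.get((identity, task_id))
        approved_by = None
        if grant is None:
            decision = "deny:no-active-grant"
        else:
            actions, expires_at, approved_by = grant
            if self.clock() > expires_at:
                decision = "deny:expired"
            elif action not in actions:
                decision = "deny:out-of-scope"
            else:
                decision = "allow"
        self.log.append({"ts": self.clock(), "identity": identity, "task_id": task_id,
                         "action": action, "resource": resource, "decision": decision,
                         "approved_by": approved_by})
        return decision == "allow"

    def explain(self, identity, task_id):
        """Reconstruct the sequence of privileged actions taken under one task."""
        return [e for e in self.log if (e["identity"], e["task_id"]) == (identity, task_id)]

    def visibility_gaps(self):
        """Identities that exercised access but are missing from the inventory."""
        return sorted(self.observed - self.inventory)
```

Denied calls are logged with the same context as allowed ones, so an out-of-scope or post-expiry attempt by an agent is itself reviewable evidence rather than a silent failure.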

Key takeaways

  • AI adoption is pressuring organisations to weaken identity controls, which turns governance into a deployment constraint unless teams redesign access models for machine speed.
  • The scale of the issue is already visible, with most organisations reporting NHI visibility gaps and many unable to explain privileged AI actions after they occur.
  • Task-scoped access, runtime validation, and accountable ownership are the controls that separate AI enablement from uncontrolled privilege expansion.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

Framework | Control / Reference | Relevance
OWASP Non-Human Identity Top 10 | NHI-03 | Standing privilege and weak rotation are central to the AI identity risk described here.
NIST CSF 2.0 | PR.AC-4 | The article focuses on access management and least-privilege gaps across machine identities.
NIST Zero Trust (SP 800-207) | SP 800-207 | AI workflows need continuous verification instead of inherited trust and persistent access.

Map AI identities to access governance controls and verify privileges on a continuous basis.


Key terms

  • AI Identity: An AI identity is the access representation used by an AI system to reach tools, data, or services. In practice it behaves like a non-human identity and must be governed with the same attention to entitlement scope, traceability, and lifecycle control, especially when actions affect production systems.
  • Standing Privilege: Standing privilege is access that remains active before a task begins and after it ends. It reduces friction, but it also expands exposure because the identity can use permissions outside the immediate operational need. For AI-driven workflows, that exposure can grow quickly and become difficult to justify.
  • Identity Visibility Gap: An identity visibility gap exists when a programme cannot reliably discover, classify, or monitor every identity with active access. For AI and machine identities, the gap often appears in orchestration layers, delegated credentials, and ephemeral workflows, which makes governance incomplete even when core directories look healthy.
  • Runtime Authorization: Runtime authorization is the practice of deciding access at the moment it is needed, using current context rather than only preassigned entitlements. It is essential for AI-driven automation because the access decision must follow the action, not merely the identity registration record.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.

This post draws on content published by Delinea: Delinea report finds 90% of organizations pressure security teams to loosen identity controls for AI. Read the original.

NHIMG Editorial Note
Published by the NHIMG editorial team on 2026-03-18.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org