By NHI Mgmt Group Editorial Team
Published 2026-06-08
Domain: General NHI
Source: Netwrix

TL;DR: AI significantly expanded identities at 43% of organisations that reported a breach in the past 12 months, versus 11% where access patterns did not materially change, according to Netwrix Research Lab. Only 11% say they have full AI security readiness, showing governance and monitoring are lagging the pace of AI-driven access growth.


At a glance

What this is: This report shows that AI-driven identity expansion is widening breach exposure faster than many organisations can govern it.

Why it matters: It matters because IAM, NHI, and human identity programmes now have to control access growth, monitoring, and governance at machine speed, not review-cycle speed.

By the numbers:

👉 Read Netwrix's 2026 Data and Identity Security Report on AI readiness


Context

AI-driven identity expansion means software, automation, and AI systems are creating more accounts, tokens, and permissions that need governance. In practice, that pushes identity programmes beyond human-centric review cycles and into continuous control of non-human identities, access scope, and monitoring.

The core problem is speed: AI changes who or what can reach data faster than many organisations can see, certify, and revoke that access. For IAM and security teams, this is now a governance and lifecycle issue as much as a technical one, and the gap shows up in breach rates rather than policy language.


Key questions

Q: How should security teams govern AI-driven identity expansion?

A: Security teams should treat AI-driven identity expansion as an identity lifecycle problem, not a one-time deployment task. Every new service account, token, or delegated permission needs ownership, scope limits, review criteria, and a clear revocation trigger. If those controls are missing, access grows faster than governance can see or constrain it.

Q: Why do non-human identities create so much additional breach risk in AI programmes?

A: Non-human identities increase breach risk because they often carry standing access, are poorly inventoried, and are monitored less consistently than human accounts. In AI programmes, that exposure scales quickly because each workflow can add more credentials and permissions. The result is a larger attack surface with weaker accountability.

Q: What breaks when organisations rely on periodic access reviews for AI systems?

A: Periodic access reviews break when the identity scope changes between review cycles. AI-enabled workflows can create, use, and retire access faster than reviewers can validate it, so certification no longer reflects reality. That leaves stale permissions active and makes breach exposure harder to detect before it is used.

Q: Who should own AI identity governance in the enterprise?

A: AI identity governance should be owned jointly by identity, security, and platform teams, with clear accountability for provisioning, monitoring, and revocation. If ownership sits only with one group, the organisation usually misses either the technical controls or the operational lifecycle. Shared governance is essential because the risk crosses IAM, NHI, and data access domains.


Technical breakdown

Why AI-driven identity expansion increases breach exposure

AI systems often require new service accounts, API keys, tokens, and delegated permissions to operate across data and infrastructure. Each added identity increases the attack surface, especially when entitlements are broader than the task requires or are left in place after the workflow changes. The problem is not AI alone, but the speed at which identity sprawl outpaces human review, monitoring, and revocation. When access grows faster than governance, the organisation accumulates exposure that is hard to see and harder to unwind.

Practical implication: treat every AI-enabled access path as a governed identity lifecycle, not a one-time configuration.

Non-human identity governance is now the control plane

Non-human identities include service accounts, workload identities, API keys, certificates, and tokens used by software and automation. They are frequently over-privileged, poorly inventoried, and monitored less consistently than human accounts, which makes them a common point of failure in modern environments. Effective control depends on knowing what exists, who owns it, what it can reach, and when it should be rotated or revoked. Without that control plane, AI adoption simply multiplies unmanaged access.

Practical implication: build a complete NHI inventory with ownership, privilege scope, rotation, and offboarding attached to each identity.

AI readiness depends on continuous enforcement and monitoring

Security readiness here is not a policy statement. It means continuously enforcing least privilege, detecting anomalous access patterns, and confirming that identities still match the workload or agent that created them. The report's gap between reported AI adoption and full readiness suggests many organisations are still relying on periodic checks that cannot keep pace with dynamic access creation. Continuous enforcement is the only model that matches continuous identity expansion.

Practical implication: move from periodic certification to continuous monitoring of AI and NHI access behaviour.


Threat narrative

Attacker objective: The attacker aims to exploit AI-expanded identity sprawl to reach sensitive data and move faster than governance can respond.

  1. Entry occurs when AI-enabled workflows create new identities, tokens, or delegated access paths that reach sensitive data without mature oversight.
  2. Escalation follows when those identities are over-privileged, poorly monitored, or left active after their original purpose has changed.
  3. Impact appears as faster breach propagation and broader data exposure because attackers can abuse the expanded identity surface before governance catches up.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities, including AI Agents.


NHI Mgmt Group analysis

AI-driven identity growth has become a governance problem before it is a technology problem. When AI creates identities and permissions faster than human-paced review can absorb them, the breach question shifts from whether access exists to whether it is still governable at all. That is a direct challenge to IAM operating models built around periodic certification. Practitioners should treat identity expansion as a control-capacity issue, not a tooling issue.

Non-human identity sprawl is the hidden multiplier in AI risk. Service accounts, API keys, tokens, and certificates are the connective tissue of AI-enabled systems, and they are still too often handled as incidental infrastructure detail. The report's finding that most organisations do not fully govern or monitor NHIs shows that AI readiness cannot outrun machine identity discipline. The implication is that NHI governance now sets the ceiling for safe AI adoption.

Full AI security readiness is a lifecycle standard, not a dashboard metric. Continuous enforcement and monitoring matter because AI access changes dynamically, while static certification assumes stable scope. That assumption no longer holds when identities are added, reused, and retired as part of runtime operations. Practitioners should interpret readiness as an operating state, not a maturity label.

Identity expansion exposes a new named risk: access debt. Access debt is the accumulation of identities, permissions, and delegated paths that remain active longer than their business purpose. In AI-heavy environments, this debt compounds quickly because every new workflow adds another governance obligation. The field needs to measure access debt alongside breach history, because unmanaged growth is now a leading indicator of exposure.

Human identity controls alone cannot absorb AI-era breach pressure. The report shows that breach rates rise sharply when AI changes access patterns, which means human-centric assumptions about review cadence, approval ownership, and remediation windows are no longer sufficient. Identity programmes must align human IAM, NHI governance, and AI oversight into one lifecycle model. That is the only defensible way to manage cross-domain exposure.

From our research:

  • 80% of identity breaches involved compromised non-human identities such as service accounts and API keys, according to the Ultimate Guide to NHIs.
  • 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools.
  • That is why the Ultimate Guide to NHIs is useful here: it frames provisioning, rotation, and offboarding as one lifecycle rather than separate tasks.

What this signals

Access debt: AI adoption is turning temporary access decisions into persistent governance liabilities. The practical challenge for security leaders is not only discovering new identities, but proving that each one still has a valid purpose, a named owner, and a revocation path before its risk compounds.

With 70% of organisations granting AI systems more access than they would give a human employee performing the exact same job, per the 2026 Infrastructure Identity Survey, the control problem is no longer theoretical. Teams should expect pressure to move approval, certification, and revocation into continuous workflows instead of annual or quarterly cycles.

Organisations that still separate human IAM, NHI governance, and AI oversight will keep missing the point of this report. The programme signal is clear: identity security is converging into one lifecycle discipline, and AI is exposing where that discipline is incomplete.


For practitioners

  • Inventory every AI-created identity path: Map service accounts, tokens, keys, and certificates that support AI-enabled workflows, then attach ownership and business purpose to each one. Prioritise identities with no named owner or no clear offboarding condition.
  • Enforce least privilege at issuance: Set scope limits before access is granted and deny broad entitlements that are only justified by convenience. Re-check permissions when an AI workflow changes, not only during annual review cycles.
  • Tie revocation to lifecycle events: Revoke or rotate identities when the model, pipeline, vendor relationship, or workload changes. Do not leave AI-related credentials active simply because they have not yet been observed in an incident.
  • Monitor for access growth that outpaces governance: Track the rate at which identities and permissions are added versus the rate at which they are reviewed, rotated, or retired. A widening gap is an exposure signal, not just an operational backlog.
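The four practitioner checks above, and the access-debt measure described earlier in this post, as an added Python example that is not part of this post or of the Netwrix report. The NHI record schema, the 90-day review SLA, and the sample inventory are assumptions constructed for illustration; it flags every active identity that is no longer governable and compares creation against review or retirement over a window.

```python
from __future__ import annotations
from dataclasses import dataclass
from datetime import date

@dataclass
class NHI:
    """One non-human identity in the governance inventory (assumed schema, not the report's)."""
    name: str
    owner: str | None            # named owner; None is a governance gap
    purpose: str | None          # business purpose; None is a governance gap
    created: date
    last_reviewed: date | None   # last certification of scope and need
    revoke_on: str | None        # lifecycle event that should trigger revocation
    workload_active: bool        # does the pipeline/agent that created it still exist?
    retired: date | None = None  # set once the credential has been revoked

def access_debt(inventory, today, review_sla_days=90):
    """Map each still-active identity to the reasons it is no longer governable."""
    findings = {}
    for nhi in inventory:
        if nhi.retired is not None:
            continue  # revoked credentials carry no debt
        overdue = nhi.last_reviewed is None or (today - nhi.last_reviewed).days > review_sla_days
        checks = [(not nhi.owner, "no named owner"),
                  (not nhi.purpose, "no business purpose"),
                  (not nhi.revoke_on, "no revocation trigger"),
                  (not nhi.workload_active, "workload gone, credential still active"),
                  (overdue, "review overdue")]
        reasons = [msg for hit, msg in checks if hit]
        if reasons:
            findings[nhi.name] = reasons
    return findings

def governance_gap(inventory, start, end):
    """Identities created in [start, end] versus those reviewed or retired in it;
    a positive gap means access is being added faster than it is governed."""
    created = sum(1 for n in inventory if start <= n.created <= end)
    governed = sum(1 for n in inventory
                   if (n.last_reviewed and start <= n.last_reviewed <= end)
                   or (n.retired and start <= n.retired <= end))
    return created, governed, created - governed

# Constructed sample inventory; names and dates are illustrative, not from the report.
TODAY, WINDOW_START = date(2026, 6, 8), date(2026, 3, 1)
INVENTORY = [
    NHI("svc-rag-indexer", "data-eng", "index docs for RAG", date(2026, 1, 10), date(2026, 5, 20), "pipeline retired", True),
    NHI("key-llm-gateway", None, "call model gateway", date(2026, 3, 2), None, None, True),
    NHI("tok-agent-ticketing", "platform", "agent reads tickets", date(2026, 4, 15), date(2026, 4, 15), "agent decommissioned", False),
    NHI("cert-embedding-job", "ml-ops", "mTLS for embedding job", date(2026, 2, 1), date(2026, 2, 1), "job retired", True, retired=date(2026, 2, 20)),
    NHI("key-eval-sandbox", "ml-ops", None, date(2026, 5, 30), None, "sandbox teardown", True),
]
```

Run `access_debt(INVENTORY, TODAY)` and `governance_gap(INVENTORY, WINDOW_START, TODAY)` on the sample: three of the four active identities carry debt, and three identities were created since March against two reviewed or retired, a gap of one.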

Key takeaways

  • AI-driven identity expansion increases breach risk when access creation outruns governance, review, and revocation.
  • Non-human identities remain the most fragile layer in many AI programmes because they are both numerous and weakly monitored.
  • The right response is not just more policy, but lifecycle control over ownership, privilege scope, and continuous enforcement.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

Framework | Control / Reference | Relevance
OWASP Non-Human Identity Top 10 | NHI-03 | AI-driven identity growth raises rotation and lifecycle control gaps for non-human identities.
NIST CSF 2.0 | PR.AC-4 | Expanded AI access demands tighter privilege management and monitoring.
NIST Zero Trust (SP 800-207) | | Continuous verification is needed when identity scope changes faster than reviews.

Inventory AI-related NHIs, enforce rotation, and revoke unused credentials on lifecycle change.


Key terms

  • AI-driven identity expansion: AI-driven identity expansion is the growth in accounts, tokens, permissions, and delegated access created to support AI-enabled workflows. It matters because each new identity adds governance, monitoring, and revocation obligations, often faster than review cycles can handle. In practice, it is a scaling problem for identity security, not just an adoption trend.
  • Non-human identity: A non-human identity is any credentialed entity used by software or automation rather than a person, including service accounts, API keys, tokens, certificates, and workload identities. These identities often carry standing access and are easy to lose track of, which makes ownership, scope, rotation, and offboarding essential controls.
  • Access debt: Access debt is the build-up of active permissions, identities, and delegated pathways that remain in place after their business purpose has changed or expired. It accumulates when governance cannot keep pace with provisioning, especially in dynamic AI and machine-driven environments. The result is hidden exposure that eventually turns into breach surface.
  • Continuous enforcement: Continuous enforcement means access rules, monitoring, and revocation are applied in near real time rather than during scheduled reviews. For AI and other non-human identities, it is the only model that matches how quickly identities can be created, changed, and abused. It turns security from periodic approval into ongoing control.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.

This post draws on content published by Netwrix: 2026 Data and Identity Security Report. Read the original.

NHIMG Editorial Note
Published by the NHIMG editorial team on 2026-06-08.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org