TL;DR: AI is lowering the activation energy for expertise, customization, and code generation, which can weaken the old economies-of-scale model that security programmes were built around, according to Knostic and Sounil Yu’s remarks at the SANS 2025 Government Security Forum. The governance challenge is no longer just controlling access at scale, but preserving control as systems become more distributed, ephemeral, and customised.
At a glance
What this is: This analysis argues that AI changes the economics of scale in ways that also change security and infrastructure assumptions.
Why it matters: It matters because identity, access, and data governance programmes are built on scaling rules that become less reliable when AI accelerates expertise, code creation, and customisation.
By the numbers:
- Systems with least-privileged AI access had a 17% incident rate vs 76% for over-privileged systems, according to the 2026 Infrastructure Identity Survey.
👉 Read Knostic's analysis of how AI is changing scale, security, and governance
Context
AI is being framed as a force multiplier, but the deeper governance issue is that it changes how scale behaves in security programmes. Controls designed around centralised systems, standardised software, and predictable operating patterns become harder to trust when AI can rapidly customise code, workflows, and access decisions.
For IAM, NHI, and infrastructure teams, the key question is not whether AI is useful. It is whether the programme still assumes stable boundaries, repeatable configurations, and identifiable choke points when the operating model is becoming more distributed and ephemeral.
Key questions
Q: How should security teams govern AI-driven customisation without losing control?
A: Security teams should govern AI-driven customisation by treating generated code, workflows, and access paths as managed assets with explicit ownership and policy checks. The goal is not to suppress customisation, but to prevent it from creating blind spots in identity, logging, and review processes. If the control model only works for standardised environments, it will fail as AI increases variance.
Q: Why does AI make economies of scale harder to secure?
A: AI makes economies of scale harder to secure because it lowers the cost of building bespoke solutions, which reduces reliance on standardised systems and shared dependencies. That can improve flexibility, but it also increases variation and complicates governance. The security model must shift from protecting a uniform estate to governing a more distributed and less predictable one.
Q: What breaks when security programmes assume systems stay uniform?
A: When programmes assume systems stay uniform, anomaly detection, access review, and configuration governance all lose accuracy as customisation increases. AI can create environments that look different enough that baseline-driven controls miss drift or overfit to outdated patterns. The failure is not just technical detection, but the loss of a stable governance reference point.
Q: Who is accountable when AI-generated systems create new security risk?
A: Accountability should stay with the teams that approve deployment, own the identity surface, and accept the operational risk of AI-generated systems. AI can accelerate creation, but it does not replace ownership. If a generated workflow or custom code path reaches production, the organisation still needs a named owner for access, review, and remediation.
Technical breakdown
Why AI changes the security economics of scale
Traditional scale depends on standardisation, central control, and reusable patterns. AI weakens that logic by making specialised work cheaper and faster, which reduces the need for large shared systems and pushes organisations toward more distributed, customised architectures. That changes the security surface because uniformity, while easy to govern, often creates systemic blast radius. When many teams, workflows, or applications share the same dependencies, a single failure propagates widely. AI does not remove that risk, but it makes alternative operating models economically feasible. Practical implication: security architecture should be reviewed for dependency concentration, not just for raw system size.
Practical implication: map where standardisation creates single points of failure and where AI is encouraging more fragmented but harder-to-govern systems.
Distributed, immutable, ephemeral: the new operational pattern
The article contrasts the old confidentiality, integrity, availability model with a DIE pattern: distributed, immutable, ephemeral. Distributed systems reduce reliance on a single asset, immutable artefacts reduce tampering risk, and ephemeral constructs reduce long-lived exposure. That pattern is attractive for AI-enabled environments, but it also changes how identity is administered. Ephemeral components cannot be governed effectively with long review cycles or static entitlement assumptions. The challenge is not just technical; it is governance timing. Practical implication: identity and access controls must be able to track short-lived resources and short-lived decisions, not only persistent accounts.
Practical implication: reassess whether your review, logging, and entitlement processes can see identities that exist for minutes rather than months.
Why anomaly detection gets harder as systems become more unique
Standardisation makes anomalies easier to spot because outliers stand apart from a common baseline. Custom generation does the opposite. If AI produces highly tailored code, workflows, or application behaviour, the environment becomes less uniform and therefore harder to baseline. Security teams then lose some of the statistical advantage that comes from common libraries, repeated patterns, and predictable configurations. That does not mean AI is inherently unsafe. It means detection logic that depends on sameness will degrade as customisation increases. Practical implication: augment pattern-based detection with policy-based controls and explicit identity governance for machine-generated artefacts.
Practical implication: treat customisation as a detection problem as well as a productivity gain, and design controls for uniqueness rather than repetition.
NHI Mgmt Group analysis
AI is turning scale from a governance advantage into a governance liability. The article’s core claim is not simply that AI increases productivity. It is that AI undermines the operational assumptions that made centralised scale manageable in the first place. That means identity and security programmes built around uniform platforms, shared dependencies, and repeatable controls will face more fragmentation and more variance. Practitioners should treat scale itself as a risk variable, not only as an efficiency metric.
Identity blast radius: the smaller the system boundary, the more AI can shrink the visible control surface while expanding the hidden dependency surface. Distributed and ephemeral architectures can reduce the impact of individual failures, but they also make entitlement, logging, and accountability harder to centralise. The risk shifts from obvious concentration to invisible sprawl. Practitioners need to re-evaluate where they are measuring control coverage versus where they are actually inheriting risk.
AI changes the economics of least privilege by changing what is economically feasible to build. When AI can generate bespoke code, workflows, and operational logic on demand, the old assumption that a standard control model will fit most systems becomes weaker. That does not abolish least privilege. It means privilege boundaries increasingly have to be defined around fast-changing artefacts, not stable ones. Practitioners should expect governance to become more dynamic even where the business wants simplicity.
Security programmes that depend on shared baselines will struggle as AI drives customisation. Anomaly detection, software composition analysis, and standardised review models all become less reliable when every environment looks more unique. This is not a call to abandon control, but a warning that control quality will depend on how well programmes adapt to variation. Practitioners should prioritise governance models that can survive heterogeneity, not just optimisation at scale.
From our research:
- Systems with least-privileged AI access had a 17% incident rate vs 76% for over-privileged systems, according to the 2026 Infrastructure Identity Survey.
- From our research: Only 44% of organisations have implemented any policies to manage their AI agents, according to the 2026 Infrastructure Identity Survey.
- From our research: Read Ultimate Guide to NHIs , Lifecycle Processes for Managing NHIs to map governance gaps in provisioning, rotation, and offboarding.
What this signals
Identity programmes will feel the impact of AI scale shift first in review cycles and second in control coverage. The practical issue is not only that AI increases variance, but that governance mechanisms are usually built for stable assets. With least-privileged AI access linked to a 17% incident rate versus 76% for over-privileged systems, the pattern is clear: access scope still drives outcomes more than tool sophistication.
Identity blast radius becomes the programme-level metric that matters most. If AI allows smaller teams to generate more unique systems, then the control problem shifts toward how much risk each identity, workflow, or generated artefact can touch before detection or review. That is an NHI governance question even when the business problem looks like productivity.
Programmes should expect more pressure to manage custom AI output as governed infrastructure rather than as isolated application behaviour. The more bespoke the environment becomes, the more important it is to anchor controls in identity, policy, and ownership rather than in shared technical baselines alone.
For practitioners
- Review dependency concentration across AI-enabled systems Identify where standardised platforms, shared code paths, or common identity services could create correlated failure across teams. Prioritise controls in the places where one compromise would affect the widest operational set.
- Test whether governance can handle ephemeral operating models Check whether logging, approvals, and entitlement reviews still assume identities, services, or code artefacts exist long enough to be observed and certified. If they do, shorten the control loop or redesign it for transient assets.
- Harden identity controls around generated artefacts Treat AI-generated code and custom workflows as first-class governed assets. Require explicit ownership, traceability, and policy checks before they are promoted into production or connected to sensitive data.
- Measure where customisation weakens detection fidelity Compare alert quality in highly standardised environments with environments where AI-driven custom logic is common. Use the difference to decide where policy enforcement must replace pattern reliance.
Key takeaways
- AI is changing the economics of scale, which also changes the security assumptions behind centralised governance.
- Custom generation and ephemeral systems weaken the reliability of standardised detection, review, and entitlement models.
- Identity teams should focus on dependency concentration, control loops, and ownership for generated artefacts as AI expands variance.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Agentic AI Top 10 address the attack and risk surface, while NIST CSF 2.0, NIST AI RMF, NIST SP 800-53 Rev 5 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST CSF 2.0 | GV.OC-1 | The article centres on governance assumptions and changing operating context. |
| OWASP Agentic AI Top 10 | The post touches on AI-generated behaviour and governance risks in agentic environments. | |
| NIST AI RMF | GOVERN | AI changes ownership, accountability, and governance boundaries. |
| NIST SP 800-53 Rev 5 | AC-6 | Least privilege remains the central control when AI access expands. |
| NIST Zero Trust (SP 800-207) | 3.2 | Distributed, ephemeral environments align with continuous verification principles. |
Map AI-driven scale changes to GV.OC-1 and reassess control scope where systems become more distributed.
Key terms
- Identity blast radius: The amount of systems, data, and operations that can be affected when one identity, workflow, or access path is misused. In AI-heavy environments, the blast radius grows when generated artefacts inherit broad permissions or connect to many downstream services.
- Distributed, immutable, ephemeral model: An operating pattern in which systems are spread across multiple components, artefacts cannot be easily altered once created, and resources exist only briefly. It can improve resilience, but it also requires governance that can follow fast-changing identities and assets.
- Control loop: The full cycle of observing, deciding, approving, and enforcing security controls. In dynamic AI environments, the control loop must be fast enough to see short-lived identities, generated code, and transient access before they disappear from the review window.
What's in the full article
Knostic's full analysis covers the operational detail this post intentionally leaves for the source:
- How the DIE framing changes architecture choices in AI-enabled infrastructure
- Examples of AI-driven custom code generation and why it complicates software composition analysis
- The security trade-offs between distribution, immutability, and ephemerality in real environments
- Knostic's applied use cases for AI data governance and oversharing detection
Deepen your knowledge
NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are building or maturing an IAM or identity governance programme, it is worth exploring.
Published by the NHIMG editorial team on 2025-08-04.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org