AI security confidence is outpacing identity governance for agents

At a glance

What this is: This survey analysis argues that AI adoption is creating an identity security confidence paradox, where perceived readiness for AI-driven automation exceeds real governance capability.

Why it matters: It matters because IAM teams cannot validate AI, NHI, and human access with human-era discovery and review processes once agents and shadow AI expand the identity surface.

By the numbers:

• 87% say their identity security is ready for AI-driven automation at scale.
• 82% of respondents expressed strong confidence in their ability to discover NHIs with access to production systems.
• 2,001 IT decision-makers were actively using or piloting AI in the survey.
• Only 5.7% of organisations have full visibility into their service accounts.

👉 Read Delinea's analysis of the AI security confidence paradox

Context

AI security confidence paradox is an identity governance problem, not just an AI adoption problem. Organisations may believe their controls are ready for machine-driven change, but that confidence breaks down when AI agents, NHIs, and shadow AI systems operate outside the discovery and review cycles built for people.

For IAM and IGA teams, the issue is that visibility, privilege validation, and access assurance must now work at machine speed. Human-centric lifecycle controls do not automatically translate to AI systems that can touch multiple services, expand scope quickly, and remain unseen until after access has already been used.

Key questions

Q: How should security teams govern AI agents that access multiple systems at once?

A: Security teams should govern AI agents as machine identities with continuous validation, not as human-style users with periodic review. That means inventorying each agent, limiting access to the minimum task scope, and automating monitoring and revocation so access cannot drift unnoticed across multiple systems.

Q: Why do AI systems expose gaps in identity governance faster than human users do?

A: AI systems can create, use, and expand access faster than review cycles can observe. When discovery is stale, governance teams make decisions on incomplete data, which allows privilege creep, shadow deployments, and hidden access relationships to accumulate before anyone can intervene.

Q: What breaks when real-time validation is missing for non-human identities?

A: Without real-time validation, organisations may believe they know which NHIs exist and what they can do, but that belief is often wrong. Access patterns change faster than governance artefacts, so stale inventories and dormant approvals become blind spots that attackers or operational failures can exploit.

Q: Who should own AI identity governance in an enterprise programme?

A: AI identity governance should be owned jointly by IAM, IGA, PAM, and security architecture, because the control problem spans discovery, approval, access scope, and monitoring. AI rollout decisions should not proceed until the identity control plane can prove it can validate access at machine speed.

Technical breakdown

Why human-centric identity controls fail for AI agents

Human identity controls assume a stable subject, a bounded session, and a review cycle that can observe access after it is granted. AI agents break that model when they can access multiple systems, make runtime decisions, and generate new access paths without waiting for a person. Discovery alone is not enough if inventory data is stale by the time it is reviewed. The operational problem is not simply more identities, but identities that change faster than governance processes can certify.

Practical implication: treat AI agents as machine identities that need continuous validation, not periodic human-style review.

Real-time discovery and access validation for NHIs

The article highlights a common failure mode in NHI governance: teams think discovery is complete even when validation is partial. Inventory, usage, and access patterns must be checked continuously because AI systems proliferate across business units and shadow deployments hide outside central oversight. When discovery tools cannot keep pace, entitlement decisions are made on outdated evidence, and privilege creep becomes invisible. This is a visibility problem first, then a control problem.

Practical implication: move from point-in-time discovery to continuous inventory and access verification for NHIs and AI systems.

Zero standing privilege is the right direction, but only with machine-speed governance

Just-in-time access and ephemeral credentials reduce standing exposure, but they do not solve the underlying governance challenge unless monitoring, approval, and revocation are also machine-speed. AI systems can perform many actions quickly enough that static policy enforcement arrives too late. Zero standing privilege works best when identity governance, monitoring, and compliance checks are automated end to end. Without that, the control exists on paper while the agent still operates ahead of oversight.

Practical implication: pair ephemeral access with automated monitoring and revocation so privileges cannot outlive the task.

Threat narrative

Attacker objective: The objective is to use invisible or overprivileged AI-related identities to reach sensitive systems before defenders can validate or contain access.

1. Entry occurs through accelerated AI deployment and shadow AI, which introduces unmanaged machine identities into production environments.
2. Escalation follows when AI agents or related NHIs are overprivileged and their access patterns are not validated in real time.
3. Impact emerges when attackers or operational failures exploit stale inventory, hidden access paths, and identity infrastructure that defenders cannot fully account for.

Breaches seen in the wild

• Moltbook AI agent keys breach — Moltbook breach exposed 1.5M AI agent keys.
• Cisco DevHub NHI breach — IntelBroker exploited exposed Cisco credentials, API tokens and keys in DevHub.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.

NHI Mgmt Group analysis

AI security confidence is becoming a governance liability when validation lags discovery. Organisations are confusing readiness claims with control maturity, which creates a false sense of safety around machine identities. The article's 87% confidence figure is useful precisely because it collides with the admission that nearly half still lack governance adequacy. Practitioners should treat confidence as a hypothesis that must be tested, not a control outcome.

Identity discovery without real-time validation is a weak assurance model for NHIs. The article shows that many teams believe they can discover machine identities, yet fewer than one in three validate inventory, usage, or access patterns in real time. That is a classic control gap in NHI governance because discovery data degrades quickly in AI-heavy environments. The practitioner conclusion is clear: stale inventory cannot support entitlement decisions.

Shadow AI exposure debt: AI systems deployed outside central oversight accumulate hidden access that traditional discovery cannot reliably surface. This is the named concept behind the paradox. The debt grows because business units can add new AI capabilities faster than security teams can catalogue them, meaning privilege relationships remain undocumented until an incident exposes them. The implication is that security programmes need to think in terms of unseen identity accumulation, not just known-account hygiene.

Zero standing privilege only works when the operational window is shorter than the abuse window. Just-in-time access is often discussed as a policy, but in AI environments it becomes a race between task completion and validation. If the governance cycle is slower than the agent's execution cycle, the control is functionally absent. Practitioners should judge identity programmes by whether they can close exposure before the next machine action occurs.

AI governance is now an identity governance problem before it is an AI governance problem. The article's central contradiction is not about model quality or feature velocity, but about whether identities can be discovered, validated, and constrained at machine speed. That shifts accountability toward IAM, IGA, PAM, and security architecture teams that own the control plane for access. The practitioner conclusion is to align AI rollout decisions with identity assurance maturity.

From our research:

• 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures, according to Ultimate Guide to NHIs.
• Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them, according to Ultimate Guide to NHIs.
• For teams building machine identity controls, Top 10 NHI Issues is the next place to pressure-test lifecycle and visibility assumptions.

What this signals

Shadow AI identity debt: when business units deploy agents faster than security can catalogue them, the control problem shifts from prevention to containment. That is why AI governance must be measured against identity assurance, not against adoption enthusiasm. With 97% of NHIs carrying excessive privileges in our research, the risk is not just growth in identities but growth in unbounded access.

IAM and IGA teams should expect more AI programmes to fail on evidence quality rather than policy design. Discovery reports, access certifications, and offboarding workflows only work when the underlying inventory is current. For a deeper control baseline, see the Ultimate Guide to NHIs and the OWASP NHI Top 10.

For practitioners

• Rebuild AI identity inventory around continuous validation Map all AI agents, service accounts, and related access paths, then validate inventory, usage, and access patterns in real time rather than on a review calendar.
• Separate human identity governance from machine identity governance Do not extend human-centric access review, certification, or onboarding assumptions to AI systems. Define machine-specific controls for discovery, approval, monitoring, and offboarding.
• Operationalise just-in-time access for AI workloads Use ephemeral access and zero standing privilege for AI systems, but automate approval, monitoring, and revocation so the access window stays shorter than the task window.
• Baseline shadow AI as an identity risk source Add business-unit AI deployments to your risk register, then require control evidence before production access is granted. Shadow AI should be treated as an identity governance exception, not an innovation detail.

Key takeaways

• The core risk is confidence without validation, where teams believe AI identity controls are ready even though governance evidence is incomplete.
• The scale of the problem is structural, not anecdotal, because machine identities proliferate faster than discovery and review can keep up.
• Practitioners need continuous inventory, machine-speed validation, and ephemeral access controls before AI rollouts can be treated as secure at scale.

Key terms

• AI Security Confidence Paradox: A mismatch between what organisations believe about their AI identity readiness and what their controls can actually prove. In practice, it appears when teams trust inventory, access, or governance claims that are not backed by real-time validation or machine-specific assurance.
• Shadow AI: AI systems or agents that exist in an environment without full security visibility or formal governance. These deployments often create hidden identities, unknown access paths, and unmanaged privilege relationships that escape standard discovery and review processes.
• Zero Standing Privilege: An access model in which privileges are provisioned only when needed and removed immediately after use. For AI and other machine identities, the model only works when approval, monitoring, and revocation are automated fast enough to match machine-speed execution.
• Machine Identity: A non-human identity used by software, services, or AI systems to authenticate and access resources. Unlike a human account, it often operates at machine speed, across multiple systems, and with lifecycle controls that must be designed around automation and continuous validation.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.

This post draws on content published by Delinea: The identity risk behind the AI security confidence paradox. Read the original.