AI security priorities for CISOs are shifting toward governance

At a glance

What this is: This is RSA Security’s summary of Gartner’s 2026 CISO guidance, which argues that AI security should be subordinated to core cybersecurity outcomes rather than driven by adoption pressure.

Why it matters: For IAM and NHI practitioners, the report reinforces that AI expands the number of identities and access decisions that must be governed, so lifecycle control and policy enforcement matter more than speed alone.

By the numbers:

• When AWS credentials are exposed publicly, attackers attempt access within an average of 17 minutes and as quickly as 9 minutes in some cases.

👉 Read RSA Security’s summary of Gartner’s AI security priorities for CISOs

Context

AI security has become an identity and governance problem as much as a tooling problem. Once AI systems can make or assist access decisions, they increase the number of non-human identities that need scope, review, monitoring, and revocation. That is where many existing IAM and NHI controls start to lag behind the operating model.

Gartner’s argument is straightforward: security teams should stop treating AI as a parallel programme and fold it into the controls that already govern risk. For CISOs, that means prioritising measurable cybersecurity outcomes, not adoption velocity. For NHI governance, it means AI initiatives should be judged by how they change access assurance, lifecycle control, and operational resilience, not by how fast they can be stood up.

The report also reflects a common pattern in enterprise security programmes: AI pressure tends to arrive before control maturity. That is typical, not unusual, and it is exactly why governance needs to lead the conversation.

Key questions

Q: How should security teams govern AI systems that can take actions on behalf of users?

A: Treat them as non-human identities with scoped permissions, named ownership, and revocation paths. If an AI system can access tools or data, it needs the same lifecycle discipline as any other machine identity. That means approvals, logging, review cycles, and clear boundaries on what it may do without human intervention.

Q: Why do AI programmes create new identity risk for CISOs?

A: AI programmes expand the number of identities, workflows, and access decisions that security teams must manage. That creates more places for standing privilege, shadow workflows, and policy exceptions to accumulate. The risk rises when AI is treated as a separate roadmap instead of being governed through existing IAM and NHI controls.

Q: How do security teams know if AI governance is working?

A: Look for evidence that access decisions are reviewable, permissions are revocable, and exceptions are not becoming permanent. If the team cannot explain who owns an AI workflow, what it can reach, and when its access was last reviewed, governance is incomplete. Control maturity shows up in traceability, not adoption volume.

Q: What should organisations do when AI adoption outpaces governance?

A: Slow the rollout of new use cases until the identity model is clear, the permissions are bounded, and the lifecycle process is in place. Security leaders should fund AI only where it supports existing cybersecurity objectives and where access can be monitored, rotated, and removed on time.

Technical breakdown

How policy drift happens when AI becomes part of security operations

AI-assisted security workflows can accumulate policy drift when teams optimize for throughput instead of control. A model that recommends actions, triggers alerts, or automates triage can gradually widen what it is allowed to see and do. If those permissions are not tied to tight boundaries, the result is standing privilege by another name. The architectural failure is usually incremental: logging becomes incomplete, approvals become implicit, and exceptions become permanent. That makes auditability weaker over time even if the initial design looked safe. Practical implication: enforce explicit policy checkpoints for every AI-enabled workflow that can modify state or access sensitive data.

Practical implication: Require change control and periodic review for AI workflows that can alter tickets, detections, or access states.

Why lifecycle management matters more than AI adoption speed

The report’s emphasis on cybersecurity fundamentals is important because AI programmes often expand faster than governance teams can classify, rotate, and retire identities. In NHI environments, the main control failures are lifecycle failures: secrets remain active too long, entitlements outlive their use case, and service identities accumulate beyond visibility. AI increases that pressure by multiplying ephemeral and semi-autonomous actors. The right response is not to block adoption, but to place AI inside the same governance model used for any other high-risk machine identity. Practical implication: extend lifecycle management, access review, and assurance controls to every AI agent or workflow that can act independently.

Practical implication: Align AI rollout milestones with identity review, rotation, and offboarding checkpoints.

Breaches seen in the wild

• Cisco DevHub NHI breach — IntelBroker exploited exposed Cisco credentials, API tokens and keys in DevHub.
• DeepSeek breach — DeepSeek breach exposed 1M+ log lines and sensitive secret keys.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.

NHI Mgmt Group analysis

AI security FOMO is really an identity governance problem in disguise. The report describes a familiar executive pressure cycle, but the security consequence is broader than budget waste. When AI becomes a separate roadmap, teams create parallel access models, shadow workflows, and policy exceptions that are hard to unwind. For NHI governance, the correct question is whether AI changes the identity perimeter, not whether it is fashionable. Practitioners should force AI use cases back into existing governance structures rather than allowing a second control plane to emerge.

AI agent identity risk deserves its own governance language. A useful concept here is the AI governance gap: the distance between what an autonomous or semi-autonomous system can do and what the enterprise can actually review, revoke, and explain. That gap widens when AI tools inherit broad scopes, delegate actions to hidden workflows, or sit outside standard access review cycles. The practical conclusion is simple: if an AI system can act, it must be governable as an identity, not just managed as software.

Security value should outrank adoption velocity in every AI decision. Gartner’s framing is valuable because it rejects novelty as a control objective. Cybersecurity programmes fail when AI is measured by deployment speed instead of reduced risk, better resilience, or lower operational friction. That is especially true for NHI-heavy environments, where new automation can multiply permissions faster than teams can classify them. Practitioners should make every AI initiative answer the same question: what security outcome improves, and what identity risk is being introduced?

AI will intensify, not replace, the need for identity lifecycle discipline. The article’s strongest implication is that AI adds identities faster than most enterprises can govern them. That means lifecycle management, access review, and monitoring remain the centre of gravity, even when the technology stack changes. Security leaders who treat AI as an overlay will keep discovering unmanaged access after the fact. Practitioners should plan for more identities, shorter review windows, and tighter revocation discipline.

Enterprises need a single control model for human and non-human actors. The governance error is to separate AI security, IAM, and NHI management into different operating lanes. Once AI can trigger actions, call tools, or delegate tasks, those boundaries become artificial. A single model is easier to audit, easier to explain, and less likely to leak privilege across programmes. Practitioners should unify control ownership before AI adoption creates additional fragmentation.

From our research:

• Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, compared to nearly 1 in 4 for securing human identities, according to The State of Non-Human Identity Security.
• Our research also found that 85% of organisations lack full visibility into third-party vendors connected via OAuth apps, with 38% reporting no or low visibility.
• That visibility gap is a reminder that AI governance cannot rely on inventory alone, which is why the 52 NHI Breaches Analysis is useful for mapping how control failures become incidents.

What this signals

AI governance will increasingly be judged by identity control quality, not by the number of pilots deployed. For most programmes, the next failure mode is not model behaviour alone. It is permission sprawl, unowned workflows, and weak revocation discipline across AI-enabled systems. With 1.5 out of 10 organisations highly confident in securing NHIs, the baseline problem is already visible, and AI will magnify it unless IAM and NHI ownership are unified.

AI governance gap: This is the operational distance between what an AI workflow is allowed to do and what the enterprise can still observe, explain, and remove. Teams should expect that gap to widen first in experimentation environments and then in production if controls are not built into release gates. The practical response is to tie every AI deployment to access review, logging, and lifecycle control from day one.

Security leaders should also prepare for more frequent cross-team friction because AI use cases sit at the intersection of IAM, SOC, application teams, and platform engineering. That means programme success will depend on clear ownership and shared evidence, not on isolated automation wins. If access cannot be explained quickly, it will not be governable for long.

For practitioners

• Reframe AI as a governed identity class Classify AI assistants, agents, and automated workflows as non-human identities with named owners, explicit scope, and documented revocation paths.
• Tie AI initiatives to core cybersecurity objectives Require every AI use case to map to measurable outcomes in Govern, Identify, Protect, Detect, Respond, or Recover before funding is approved.
• Review access before automation expands Check whether the AI workflow can read sensitive data, trigger actions, or modify state, then apply the narrowest viable entitlements and logging.
• Build lifecycle controls into rollout gates Make rotation, review, and offboarding part of the release process so AI-related identities cannot stay active after the use case changes.
• Measure governance debt, not adoption speed Track exceptions, standing privilege, and unreviewed AI access as risk indicators so programme leaders see control drift early.

Key takeaways

• AI security pressure is fundamentally a governance problem because new automation expands identity scope faster than most controls can absorb it.
• The control gap is already measurable, with only 1.5 out of 10 organisations highly confident in securing NHIs.
• CISOs should fund AI where it strengthens core cybersecurity outcomes and lifecycle discipline, not where it merely accelerates deployment.

Key terms

• AI governance gap: The gap between what an AI system can do and what the organisation can still review, explain, and revoke. In identity terms, it appears when permissions, ownership, and logging lag behind automation, leaving autonomous workflows harder to govern than the systems they operate on.
• Non-Human Identity: A non-human identity is any machine, workload, secret, token, certificate, bot, or AI agent that can authenticate and act in an enterprise environment. The operational challenge is not just issuing credentials, but controlling scope, lifecycle, monitoring, and revocation at machine speed.
• Standing privilege: Standing privilege is access that remains active whether or not it is being used. For non-human identities and AI workflows, it increases blast radius because unused permissions often survive long after the original task, making overreach and abuse easier to miss.
• Lifecycle management: Lifecycle management is the process of creating, reviewing, rotating, and retiring identities and their credentials on time. For NHI and AI programmes, it is the control that prevents access from outliving its purpose and becoming invisible operational debt.

Deepen your knowledge

AI governance, lifecycle management, and high-assurance authentication are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are building AI controls from the same identity baseline as your NHI programme, it is worth exploring.

This post draws on content published by RSA Security: Gartner Report, AI Security Priorities for CISOs. Read the original.