Notifications
Clear all
Topic starter
07/06/2026 8:21 pm
TL;DR: Only 10% of organisations have a well-developed strategy for managing non-human and agentic identities, according to an Okta survey of 260 executives, while credential abuse remains the most common initial access vector in breaches, per the 2025 Verizon DBIR. Static secrets, weak identity separation and shared credentials turn agentic systems into scalable access paths that existing IAM models were not built to govern.
NHIMG editorial — based on content published by Aembit: 6 Cybersecurity Risks of Agentic AI
By the numbers:
- Only 10% of organizations have a well-developed strategy for managing non-human and agentic identities.
Questions worth separating out
Q: How should security teams govern agentic AI identities in production?
A: Treat each agent as a distinct non-human identity with its own access policy, audit trail and expiry rules.
Q: Why do agentic AI systems increase initial access and privilege abuse risk?
A: Because they can chain valid access into multiple tool calls without needing a human to approve each step.
Q: What breaks when agents rely on shared credentials or borrowed user identities?
A: Auditability breaks first, followed by recertification and containment.
Practitioner guidance
- Separate agent identity from human identity Issue each agent its own cryptographically verifiable identity and keep the human delegate in a distinct trust record.
- Replace long-lived secrets with task-scoped credentials Use short-lived credentials that are issued only when a task starts and revoked when the task ends.
- Review tool chains, not just entitlements Map every database, API and downstream service an agent can call, then test what happens when one permitted step feeds the next.
What's in the full article
Aembit's full blog post covers the operational detail this post intentionally leaves for the source:
- Specific identity gateway mechanics for authenticating agents and exchanging tokens without exposing runtime secrets.
- Implementation detail on binding agent identity to human context through blended identity and traceable audit trails.
- Policy and approval patterns for high-risk actions in agentic workflows across infrastructure and data systems.
- Practical examples of short-lived credential issuance for task-scoped access in AI workloads.
👉 Read Aembit's analysis of agentic AI identity risks and controls →
Agentic AI identity risk: what it means for IAM teams?
Explore further
07/06/2026 10:12 pm
Static secrets for agentic AI are a trust debt, not just a credential choice: agentic systems that depend on long-lived secrets inherit the same exposure window problems that have plagued NHI programmes for years, but with faster execution and broader tool reach. The issue is not simply theft of a secret. It is that the secret becomes a reusable path into an actor that can keep acting after the original context has changed. Practitioners should treat static credential dependence as evidence that the governance model is lagging the runtime behaviour.
A few things that frame the scale:
- Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them, according to Ultimate Guide to NHIs.
- 71% of NHIs are not rotated within recommended time frames, increasing the risk of compromise over time.
A question worth separating out:
Q: Who should be accountable when an AI agent causes an access incident?
A: Accountability should be assigned to the programme that approved the agent’s identity, permissions and oversight model, not just the individual operator. If the agent was allowed to act under a human identity or with persistent secrets, the governance failure is shared across identity, security and platform owners.
👉 Read our full editorial: Agentic AI identity risk is outpacing enterprise IAM controls
