TL;DR: Enterprise adoption of AI agents is outpacing traditional identity models, with 57% of practitioners calling them NHIs and 43% treating them as a distinct identity type, according to Token Security and NHI Mgmt Group polling. The governance gap is structural because human-paced access review, ownership, and offboarding assumptions do not map cleanly to agent behaviour.
NHIMG editorial — based on content published by Token Security: The Agentic AI Identity Security Playbook
By the numbers:
- 57% said AI agent identities are just NHIs, while 43% said they are a new breed of identity.
Questions worth separating out
Q: How should security teams govern AI agent identities in the enterprise?
A: Start by giving every AI agent a unique identity, an explicit owner, and a defined lifecycle.
Q: What breaks when AI agents are managed like normal user accounts?
A: Normal user-account governance assumes a human owner, predictable activity, and review cycles that can catch drift over time.
Q: How do organisations know if AI agent discovery is actually working?
A: Discovery is working when the team can link each agent to a business owner, a data or system scope, and a clear source of truth from logs or code.
Practitioner guidance
- Define AI agents as a separate identity class Update identity taxonomy so agents are not hidden inside user or workload buckets.
- Build discovery from real operational signals Correlate secrets vault activity, AI provider logs, repository scans, and runtime telemetry to surface informal deployments.
- Right-size access before agents reach production Restrict production, customer, and regulated-data access until the agent has an explicit owner and a verified use case.
What's in the full article
Token Security's full blog covers the operational detail this post intentionally leaves for the source:
- Step-by-step discovery methods for finding AI agents in secrets vaults, code repositories, and runtime logs
- Practical prioritisation criteria for ranking agents by access sensitivity, ownership, and risk
- Examples of red flags such as broad permissions, cross-environment access, and hard-coded credentials
- Identity-first control patterns for formal identities, expiry policies, and approved catalogues
👉 Read Token Security's playbook for discovering and safely enabling AI agents →
AI agent identities: what IAM teams need to change now?
Explore further
AI agent identity is a governance category, not a naming convention. The article is right to treat these systems as distinct because the failure is not just technical classification, it is control misfit. Human identity processes assume a person, NHI processes assume a stable machine workload, and AI agents can move across both modes in one operational chain. Practitioners should stop asking which existing bucket to force them into and start asking which lifecycle and access assumptions still hold.
A few things that frame the scale:
- 98% of companies plan to deploy even more AI agents within the next 12 months, despite documented rogue behaviour in 80% of current deployments, according to AI Agents: The New Attack Surface report.
- Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation.
A question worth separating out:
Q: Who should be accountable for AI agent access and lifecycle decisions?
A: Accountability should sit with a named human owner who can explain the agent's purpose, approve its access, and retire it when the use case ends. Security teams can enforce the controls, but business ownership is what keeps the identity from becoming an orphan.
👉 Read our full editorial: AI agent identity governance needs a new control model