Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

AI agent identity risk is outpacing enterprise controls


(@akeyless)
Reputable Member
Joined: 1 year ago
Posts: 94
Topic starter  

TL;DR: A 2026 study of 400 IT and security leaders found that 67% suspect AI agents have accessed data beyond their intended scope, while detection takes 14 hours on average and more than $1 million has already been spent managing fallout, according to Akeyless. Static credentials and human-paced IAM controls are no match for runtime agent behaviour, making governance the real control problem.

NHIMG editorial — based on content published by Akeyless: Global study shows most organizations cannot detect compromised AI agents for hours, and are already spending over $1 million managing the fallout

By the numbers:

Questions worth separating out

Q: What breaks when AI agents keep long-lived credentials?

A: Long-lived credentials let AI agents keep operating after the moment of risk has passed, which makes containment and accountability much harder.

Q: Why do AI agents complicate least privilege in practice?

A: AI agents complicate least privilege because their actions are not fully known when access is assigned.

Q: How do security teams know if AI agent controls are working?

A: Controls are working only if they can stop or narrow agent behaviour while the session is still active.

Practitioner guidance

  • Inventory every AI agent identity and its credential type Map where agents use API keys, static secrets, or delegated tokens, then record which systems each identity can reach in production and non-production environments.
  • Shorten credential lifetime at the point of execution Replace persistent access with ephemeral identities issued only for the task being executed, and revoke access immediately after the workflow completes.
  • Test for runtime access drift, not just entitlement drift Run reviews against actual agent behaviour to see whether a valid identity can reach systems, data sets, or workflows beyond the intended scope.

What's in the full report

Akeyless' full report covers the operational detail this post intentionally leaves for the source:

  • Survey methodology across 400 IT and security leaders in the United States and United Kingdom.
  • The breakdown of where AI agent credentials are stored and how often they are rotated or revoked.
  • The full response workflow for organisations that said they spent more than $1 million on AI agent identity and security issues.
  • Additional commentary on runtime identity controls and forensic auditability for AI agents, machines, and human access.

👉 Read Akeyless’ report on AI agent identity security findings →

AI agent identity risk is outpacing enterprise controls?

Explore further

View Full Forum →  |  NHI Foundation Course →  |  Our Services →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11787
 

Static credential trust is the wrong baseline for AI agent governance. The article shows that organisations are still issuing long-lived identities to systems that act continuously and can change behaviour at runtime. That approach assumes the actor will remain stable long enough for human review, which is not how AI agents operate. The implication is that governance must stop treating agent identity as a fixed artefact and start treating it as a runtime condition.

A few things that frame the scale:

  • 85% of organisations lack full visibility into third-party vendors connected via OAuth apps, according to The State of Non-Human Identity Security.
  • That visibility gap is consistent with broader NHI governance weakness: only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, according to the same report.

A question worth separating out:

Q: Who is accountable when a compromised AI agent accesses data outside its scope?

A: Accountability sits with the teams that issued the identity, defined the access boundaries, and approved the operational workflow. AI agent incidents are usually governance failures, not just technical failures, because they reveal where ownership, policy, and review were split across tools instead of tied to one control model.

👉 Read our full editorial: AI agent identity security gaps are exposing enterprise access risk



   
ReplyQuote
Share: