TL;DR: Ungoverned AI agents are already creating measurable cost through secrets management drag, audit overruns, and standing credential exposure, according to Opnova's analysis, which also cites developer time loss, exploitable stale credentials, and multi-million-dollar compliance burdens. The real issue is that existing joiner-mover-leaver and certification processes were built for stable identities, not rapidly multiplying agents that inherit human credentials.
NHIMG editorial — based on content published by Opnova: The Business Case for Governing AI Agents
By the numbers:
- GitGuardian found that 64% of credentials confirmed valid in 2022 were still exploitable four years later.
- McKinsey's 2025 State of AI survey found 62% of organisations are at least experimenting with AI agents.
- Only 23% have scaled an AI agent into even a single business function, according to McKinsey.
Questions worth separating out
Q: How should security teams govern AI agents that are created outside normal joiner workflows?
A: Security teams should bring AI agents into the same lifecycle discipline used for other identities, but with explicit ownership, inventory, and revocation paths.
Q: Why do AI agents increase audit risk even when no breach has occurred?
A: AI agents increase audit risk because they expand the number of identities, credentials, and approvals that must be explained to auditors.
Q: What breaks when agents use borrowed human credentials?
A: Borrowed human credentials break ownership, leaver handling, and evidence quality.
Practitioner guidance
- Inventory every agent identity and credential path Build a current list of all AI agents, their owners, their credentials, and the systems those credentials can reach.
- Extend joiner, mover, and leaver workflows to agents Require each agent to have a named owner, a defined purpose, and a revocation path before it reaches production.
- Measure standing privilege by agent population Track how many agents hold standing credentials, how many of those credentials have rotated, and how many are outside certification scope.
What's in the full article
Opnova's full blog covers the operational detail this post intentionally leaves for the source:
- The cost-model walkthrough that estimates engineering drag, audit delta, and breach exposure from agent sprawl.
- The distinction between open-ended agent platforms and bounded AI-native solutions in lifecycle governance terms.
- The discussion of regulatory pressure, including how auditors and regulators may interpret agent access and separation-of-duties gaps.
- The article's full framing of joiner, mover, and leaver handling for AI agents as a workforce governance problem.
👉 Read Opnova's analysis of the business case for governing AI agents →
AI agent sprawl and audit drag: what identity teams need to price?
Explore further
AI agent sprawl is becoming an identity governance tax, not just a security risk. The article's strongest point is that the cost starts long before a breach. Manual secrets handling, certification overhead, and audit remediation all accumulate because agent identities multiply faster than governance can keep up. For identity leaders, the implication is simple: the first control question is no longer whether agents are useful, but whether the programme can absorb them without turning every release into an access review problem.
A few things that frame the scale:
- Two-thirds of enterprises have endured a successful cyberattack resulting from compromised non-human identities, with a quarter encountering multiple attacks, according to 2024 ESG Report: Managing Non-Human Identities.
- Enterprises that have experienced a compromised NHI averaged 2.7 separate incidents in the past 12 months, according to the same report.
A question worth separating out:
Q: Who is accountable when an AI agent's access is never revoked?
A: Accountability sits with the team that allowed the agent to operate without a lifecycle record, a named owner, and a revocation path. If the organisation cannot show who approved the access, who reviewed it, and who removed it, the control failure is governance, not tooling. Identity ownership must be explicit before deployment.
👉 Read our full editorial: AI agent sprawl is already a governance cost, not a future risk