Notifications
Clear all
Topic starter
27/06/2026 1:38 pm
TL;DR: AI agents are already performing around 30% of daily work at about 3x the rate leaders estimate, while fewer than 20% of companies have written AI policies and AI credential leakage rose 81% year over year to 1.27 million exposed secrets, according to Abnormal AI. Human-first IAM, DLP, and SIEM assumptions are collapsing as non-human actors increasingly behave like account takeovers.
NHIMG editorial — based on content published by Abnormal AI: AI agents are breaking human-first IAM assumptions in the enterprise
By the numbers:
- AI credentials leaked onto public repos rose 81% YoY to 1.27M, equating to one exposed AI credential every 25 seconds.
- IBM data puts the average shadow-AI incident cost at $670K, with controls absent in 97% of those cases.
Questions worth separating out
Q: What breaks when AI agents are governed like normal user accounts?
A: Access reviews, identity baselines, and alert triage lose accuracy because AI agents do not behave like stable human users.
Q: Why do AI agents complicate IAM and zero trust programmes?
A: They complicate IAM and zero trust because they blur the line between user, workload, and automated process.
Q: How do security teams know whether AI usage is becoming shadow AI risk?
A: Look for AI tools, credentials, and workflows that lack ownership, audit coverage, or approved data boundaries.
Practitioner guidance
- Inventory AI-enabled identities, not just AI tools Build a single register that ties every approved and unapproved AI workflow to the identity, credential, and data scopes it can reach.
- Escalate exposed AI credentials as active incidents When an AI credential appears in a public repository or shared code base, assume immediate misuse potential and rotate or revoke it through the same incident path used for other standing secrets.
- Separate human and non-human behavioural baselines Tune SIEM and behaviour analytics so an AI agent reading data, generating output, or triggering downstream actions is evaluated against machine identity norms rather than employee norms.
What's in the full article
Abnormal AI's full research covers the operational detail this post intentionally leaves for the source:
- The article’s original data cuts on employee AI usage, policy coverage, and exposed credential trends across the stated reporting period.
- The breach-style example showing how an unsanctioned AI download led to large-scale internal data loss.
- The vendor’s behavioural framing for distinguishing normal human activity from abnormal AI-driven action patterns.
- The discussion of how security teams are detecting shadow AI and where current tooling still falls short.
👉 Read Abnormal AI's analysis of AI agent exposure, shadow AI, and IAM gaps →
AI agent sprawl: what it means for IAM and governance teams?
Explore further
27/06/2026 3:02 pm
AI agent behaviour is now an identity governance problem, not just a tool governance problem. The article makes clear that the decisive risk is what the actor does once it is inside the environment, not the label on the application. That is why the governance model has to follow the identity through data access, action execution, and downstream delegation. Practitioner conclusion: stop treating AI usage as a software inventory exercise and start governing the actor that performs the work.
A few things that frame the scale:
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems (39%), inappropriately sharing sensitive data (31%), and revealing access credentials (23%), according to AI Agents: The New Attack Surface report.
- Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation.
A question worth separating out:
Q: Who should own AI agent governance inside the enterprise?
A: Ownership should sit with the identity and security teams that already manage lifecycle, access, and audit accountability, with business teams providing use-case context. If ownership is split only across IT experimentation or shadow innovation, the organisation will miss the point where AI work becomes a persistent identity risk.
👉 Read our full editorial: AI agents are breaking human-first IAM assumptions in the enterprise
