TL;DR: As enterprises add AI agents and more non-human identities, authorization is shifting from an access-review problem to a runtime risk problem, according to Opal Security. The assumption that access can be safely reviewed after it is granted is breaking down as human, service, and agent identities behave differently at machine speed.
NHIMG editorial — based on content published by Opal Security: Securing the Autonomous Future: Why We Built Opal’s Risk Layer
By the numbers:
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems, inappropriately sharing sensitive data, and revealing access credentials.
Questions worth separating out
Q: How should security teams govern access across humans, service accounts, and AI agents?
A: They should govern the workflow, not just the identity object.
Q: Why do static IAM and IGA models struggle with AI agents?
A: Static models assume entitlements are stable long enough to review and certify them after the fact.
Q: What breaks when access reviews are used as the main control for NHI risk?
A: Access reviews break when they are asked to validate access that is already ephemeral, delegated, or dynamically reused.
Practitioner guidance
- Map authorization by workflow, not just by account Trace how humans, service accounts, and AI agents participate in the same business process, then identify where policy decisions are made, reused, or bypassed.
- Prioritise high-stakes entitlements with blast-radius scoring Rank access by resource sensitivity, historical usage, and downstream impact so review queues focus on the entitlements most likely to create material exposure.
- Require first-party telemetry for access decisions Use direct system and application data to confirm how access is actually used, then feed that evidence into remediation and certification workflows.
What's in the full article
Opal Security's full product post covers the operational detail this post intentionally leaves for the source:
- The specific risk-layer workflow for ranking access issues by historical use, resource sensitivity, and behavioural signals.
- How the platform applies human-in-the-loop cleanup to improve remediation heuristics over time.
- The company’s explanation of how agent-aware authorization is composed across multi-step hybrid workflows.
- Examples of how the system uses remediation guidance and contextual data to support access decisions.
👉 Read Opal Security's analysis of autonomous authorization risk layers →
AI agents and NHIs: what a risk layer changes for IAM teams?
Explore further
Authorization is now a primary security boundary, not a service desk function. The article is right to treat access as a control plane problem because the old split between governance and enforcement no longer reflects how work happens. When humans, service accounts, and AI agents share operational paths, a delayed review is not just inefficient. It is a control that arrives after the decision has already changed the environment. Practitioners should treat authorization as an active security domain, not a periodic cleanup exercise.
A few things that frame the scale:
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems, inappropriately sharing sensitive data, and revealing access credentials, according to AI Agents: The New Attack Surface report.
- Only 44% of organisations have implemented any policies to govern AI agents, even though 92% agree that governance is critical to enterprise security.
A question worth separating out:
Q: How can organisations decide whether a risk layer is actually improving identity security?
A: Look for faster prioritisation of high-impact entitlements, clearer remediation decisions, and fewer unresolved access exceptions in critical systems. If the programme only produces more visibility without changing remediation speed or decision quality, it is reporting on risk rather than controlling it.
👉 Read our full editorial: Authorization risk layers for AI agents and NHIs are emerging