Notifications
Clear all
Topic starter
14/05/2026 2:33 pm
TL;DR: IdentityTV 2026 is a virtual broadcast on May 19, 2026, focused on AI, machine identities, extensibility, and practical identity security strategies, with sessions spanning adaptive identity, industry trends, and turning insight into measurable outcomes, according to SailPoint. The event signals that identity programmes now have to govern autonomous systems and machine access as core security issues, not side topics.
NHIMG editorial — here’s why we think this discussion matters
Questions worth separating out
Q: How should organisations govern AI agents with privileged access?
A: Treat AI agents as non-human identities with explicit owners, scoped permissions, and revocation paths.
Q: What is the difference between identity visibility and identity governance?
A: Visibility tells you what identities exist and what they can access.
Q: Why do machine identities create more risk than human identities in some environments?
A: Machine identities are often numerous, long-lived, and embedded in code or infrastructure.
Practitioner guidance
- Inventory machine identities and AI agents separately Map service accounts, API keys, tokens, certificates, and autonomous agents as distinct identity classes so ownership and lifecycle controls can be applied correctly.
- Define runtime access rules for high-risk NHIs Use contextual policy to narrow access during execution, especially where agents and automation touch sensitive data or privileged tooling.
- Link identity telemetry to remediation workflows Convert identity insights into tasks for key owners, revocation teams, and platform operators so stale credentials, orphaned accounts, and over-privileged roles are fixed quickly.
The near-term priority is to reduce standing privilege wherever automation can act without direct supervision, while aligning those controls to the NIST AI Risk Management Framework?
👉 Register for SailPoint's IdentityTV 2026 virtual broadcast on AI and identity →
Explore further
View Full Forum → | NHI Foundation Course → | Our Services →
14/05/2026 2:35 pm
A few things worth adding from our research at NHI Mgmt Group.
AI agent governance is becoming an identity problem before it becomes an AI problem. The sessions and themes in this event reflect a broader shift in the market: autonomous systems inherit privileges, make tool calls, and persist across workflows in ways IAM was never designed to supervise by default. That means identity teams now own the control boundary for agentic execution. The practical conclusion is that AI programmes cannot scale safely without NHI policy, ownership, and revocation discipline.
A few things that frame the scale:
- 90% of IT leaders say properly managing NHIs is essential for a successful zero-trust implementation, according to Ultimate Guide to NHIs.
- 71% of NHIs are not rotated within recommended time frames, increasing the risk of compromise over time.
A question worth separating out:
Q: Should identity teams use just-in-time access for NHIs?
A: Yes, when the identity performs sensitive or privileged tasks that do not require permanent access. Just-in-time access reduces standing privilege and limits how long a stolen credential is useful. It works best when paired with strong ownership, logging, and automated expiry.
👉 Read our full editorial: IdentityTV 2026 spotlights AI, machine identities, and access risk
