Notifications
Clear all
Topic starter
25/06/2026 3:15 pm
TL;DR: Demand for identity security is growing across human, non-human and AI identities, while attacks tied to stolen identities and compromised credentials are also rising, according to Permiso Security. The underlying message is that identity inventory, posture, and threat detection are converging into one governance problem.
NHIMG editorial — based on content published by Permiso Security: Permiso builds leadership team for next stage of growth as demand builds for identity security protection
Questions worth separating out
Q: How should security teams inventory identities across cloud, SaaS, and AI systems?
A: They should use one inventory model that includes human users, NHIs, and AI-linked identities, then map each identity to an owner, purpose, and access boundary.
Q: Why do non-human identities increase identity security risk in hybrid environments?
A: Non-human identities often persist longer than the workflows that created them, and their access is frequently less visible than human access.
Q: What do security teams get wrong about identity posture management?
A: They often treat posture as a list of misconfigurations instead of a measure of whether access still matches identity purpose.
Practitioner guidance
- Unify identity discovery across all identity types Create one inventory that covers human users, service accounts, API keys, tokens, certificates, and AI-linked identities across cloud and SaaS.
- Measure standing privilege against identity purpose Review entitlements by why the identity exists and what system it should reach.
- Tune detections for identity behaviour baselines Build alerts around unusual token use, abnormal authentication paths, and access patterns that differ from normal automation.
What's in the full article
Permiso Security's full blog post covers the operational detail this post intentionally leaves for the source:
- The specific leadership changes and role remits behind the company's growth narrative
- The product milestones the vendor ties to its identity inventory and threat detection roadmap
- The company's own explanation of how its platform is positioned across human, non-human, and AI identities
- The market context behind the demand signal the vendor says it is seeing
👉 Read Permiso Security's update on leadership growth and identity security demand →
Identity security leadership shifts: what do they mean for teams?
Explore further
25/06/2026 4:40 pm
Identity security is being reorganised around the full identity fabric, not individual identity silos. The article reflects a market reality that human IAM, NHI governance, and AI identity controls are converging into one operating problem. Security teams are no longer being asked to secure separate identity classes in isolation; they are being asked to understand how access, posture, and detection interact across all of them. The practitioner conclusion is that programme design now needs a single identity control model with differentiated treatment by actor type.
A few things that frame the scale:
- 70% of organisations grant AI systems more access than they would give a human employee performing the exact same job, according to the 2026 Infrastructure Identity Survey.
- Only 44% of organisations have implemented any policies to manage their AI agents, despite 92% agreeing that governing AI agents is critical to enterprise security, according to the 2026 Infrastructure Identity Survey.
A question worth separating out:
Q: How should teams respond when AI makes impersonation harder to detect?
A: They should rely more heavily on identity behaviour baselines, entitlement scope, and access path anomalies. When impersonation becomes more convincing, the programme must shift from visual trust in the request to continuous verification of who or what is using the identity.
👉 Read our full editorial: Permiso leadership changes signal rising demand for identity security
