TL;DR: Culture, craftsmanship, and AI-native execution must evolve together as companies scale identity platforms across complex enterprise environments, according to Lumos. The deeper takeaway is that faster AI-assisted delivery does not remove governance discipline; it raises the bar for how identity programmes are led and sustained.
NHIMG editorial — based on content published by Lumos: What recognition really means in the age of AI
Questions worth separating out
Q: How should security teams keep identity governance accountable as AI speeds up operations?
A: Security teams should keep accountability explicit by naming owners for policy, exceptions, and lifecycle closure.
Q: Why does organisational culture matter in identity security programmes?
A: Culture matters because identity governance depends on repeated behaviour, not just written policy.
Q: What breaks when AI increases the pace of identity operations?
A: What breaks first is usually decision quality and governance follow-through.
Practitioner guidance
- Make governance ownership explicit Assign named owners for policy, exceptions, access review outcomes, and lifecycle closure so AI-assisted workflows never create ambiguous accountability.
- Measure lifecycle discipline as an operating metric Track joiner-mover-leaver completion, overdue reviews, and unresolved exceptions as recurring programme signals, not one-time audit tasks.
- Treat automation as a control amplifier Use AI to reduce manual triage, but keep human approval points where policy interpretation, risk acceptance, or privileged access decisions are involved.
What's in the full article
Lumos' full blog post covers the company-specific reflection and employer-brand context this post intentionally leaves for the source:
- The Forbes and Statista recognition context and how Lumos frames its internal culture around that milestone
- Andrej Safundzic's first-person commentary on how the company links AI-native work to team behaviour and identity
- The broader corporate narrative behind Lumos' culture, hiring, and growth positioning
- The source article's own product and company links for readers who want the original executive viewpoint
👉 Read Lumos' executive viewpoint on culture, AI, and recognition →
AI-era identity governance: why culture now shapes execution?
Explore further
Culture is now a governance control surface, not a branding exercise. In AI-era identity programmes, the quality of decisions matters as much as the speed of delivery. If teams normalise shortcuts, exception drift, or unclear ownership, identity controls become performative instead of enforceable. The practitioner takeaway is that culture should be managed as part of governance design.
A few things that frame the scale:
- 1 in 4 organisations are already investing in dedicated NHI security capabilities, with an additional 60% planning to do so within the next twelve months, according to The State of Non-Human Identity Security.
- Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, compared to nearly 1 in 4 for securing human identities.
A question worth separating out:
Q: How do teams know whether an AI-native identity programme is working?
A: Teams should look for stable lifecycle outcomes, consistent review completion, and low exception backlogs. If AI is helping but access drift, overdue reviews, or unresolved ownership keep growing, the programme is only accelerating noise. A working identity programme should improve control consistency, not just task throughput.
👉 Read our full editorial: Lumos recognition highlights culture as the constraint on AI-era IAM