Campaign-level risk is the likelihood that a coordinated attack pattern will succeed against a specific environment. It reflects the whole sequence, from entry through privilege use, rather than evaluating each technique in isolation or assuming matrix coverage equals resilience.
Expanded Definition
Campaign-level risk describes the probability that an attacker will succeed across an entire coordinated path, not just at a single control point. In NHI and agentic AI environments, that means evaluating how discovery, credential use, lateral movement, and privilege escalation combine into one chain of failure. This is different from technique-by-technique scoring, where a team may mark individual controls as present while missing the fact that an exposed token, permissive trust relationship, and weak secret rotation together create a viable intrusion campaign. The concept aligns well with the NIST Cybersecurity Framework 2.0 emphasis on outcomes, because resilience depends on whether the full attack path can be interrupted. Definitions vary across vendors on whether campaign-level risk should be modelled as attacker intent, kill-chain progression, or control-bypass probability, so the term should be used carefully and tied to a specific environment and threat scenario. The most common misapplication is treating matrix coverage as proof of resilience, which occurs when teams count implemented controls but do not test whether those controls fail in sequence.
Examples and Use Cases
Implementing campaign-level risk rigorously often introduces modelling overhead, requiring organisations to weigh better attack-path visibility against the cost of maintaining current identity and trust graphs.
- A public cloud workload exposes an API key, and the risk assessment asks whether that key can lead to secret discovery, role assumption, and data access in one campaign rather than as three isolated findings. This is the pattern highlighted in LLMjacking: How Attackers Hijack AI Using Compromised NHIs.
- An agent can call internal tools, but campaign-level analysis checks whether one compromised token lets the attacker trigger actions, harvest outputs, and persist through delegated permissions. That perspective is consistent with the risk logic behind OWASP NHI Top 10.
- A service account is technically locked down, yet a weak trust relationship to another platform lets an attacker pivot after the first foothold. The issue becomes a campaign question, not a single-account question, when the sequence is the real vulnerability.
- Security teams compare a suspected attack path against identity telemetry, rotation cadence, and privilege boundaries to see whether the campaign can be broken early. The response usually starts with the NIST Cybersecurity Framework 2.0 and then maps to NHI-specific controls.
- Lessons from the DeepSeek breach show why exposed secrets and reachable databases must be evaluated as a combined attack surface.
Why It Matters in NHI Security
Campaign-level risk matters because NHI compromises rarely stop at the first credential. Attackers often chain exposed secrets, over-permissioned identities, and unattended machine access into repeatable intrusion patterns. NHIMG research shows that 72% of organisations have experienced or suspect they have experienced a breach of non-human identities, which makes the ability to assess whole campaigns essential rather than optional. When teams underestimate campaign-level risk, they often miss the fact that one compromised token can unlock multiple systems, especially where secret sprawl and delegated access are common. That is why the Top 10 NHI Issues and the Ultimate Guide to NHIs — Why NHI Security Matters Now both emphasise environment-level exposure, not just credential hygiene. Organisations typically encounter campaign-level risk only after a low-friction foothold turns into broad access or repeated abuse, at which point the concept becomes operationally unavoidable to address.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 and OWASP Agentic AI Top 10 address the attack and risk surface, while NIST CSF 2.0, NIST Zero Trust (SP 800-207) and NIST AI RMF set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-01 | Focuses on NHI attack paths and exposure patterns, not isolated findings. |
| OWASP Agentic AI Top 10 | A-03 | Agent tool abuse is best understood as a multi-step campaign risk. |
| NIST CSF 2.0 | ID.RA-1 | Risk assessments should consider threat scenarios and business context. |
| NIST Zero Trust (SP 800-207) | SP 800-207 | Zero trust limits implicit movement and reduces campaign success. |
| NIST AI RMF | GOVERN | AI risk governance should account for system-level abuse and cascading failure. |
Assess whether one agent compromise can cascade through tools, memory, and permissions.
Related resources from NHI Mgmt Group
Deepen Your Knowledge
Reviewed and updated by the NHIMG editorial team on July 9, 2026.
NHI Mgmt Group — the #1 independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org