A resilience failure mode where critical knowledge lives in one expert instead of being documented and repeatable. In identity and recovery programmes, it creates fragility because access decisions, exception handling, and restoration steps cannot scale beyond the individual.
Expanded Definition
Hero worship is a resilience anti-pattern in which an identity, recovery, or security programme depends on one person’s memory, judgement, or informal authority rather than documented, repeatable process. In NHI operations, it often appears when a lead engineer, security architect, or platform owner becomes the only person who understands how service account exceptions, secret rotation, or emergency recovery are actually performed.
This is not the same as having subject matter experts. The problem begins when expertise is not translated into runbooks, controls, peer review, or automation. In mature governance, the expectation is that knowledge survives turnover and can be executed by more than one qualified operator. That aligns with the control discipline described in the NIST Cybersecurity Framework 2.0, which treats repeatability, accountability, and recovery as operational requirements rather than personal traits.
Definitions vary across vendors, but in NHI security the term usually applies when exception handling or restoration depends on a named individual instead of a controlled process. The most common misapplication is treating a highly trusted expert as a compensating control, which occurs when teams assume one person’s presence is equivalent to documented resilience.
Examples and Use Cases
Implementing resilient NHI governance rigorously often introduces process overhead, requiring organisations to weigh speed and convenience against continuity and auditability.
- A platform team only knows how to renew a critical API key because one engineer keeps the steps in private notes, rather than in an approved runbook.
- An emergency access exception for a production service account is approved verbally by a single architect, then recreated from memory during the next incident.
- A rotation workflow exists, but only one person understands which downstream jobs will fail unless the schedule is adjusted manually.
- A recovery exercise succeeds only when the original developer is available to interpret undocumented dependencies and restore privileged access paths.
- During an ownership change, the organisation discovers that no one else can trace where secrets are stored, even though the Ultimate Guide to NHIs shows how common secret sprawl and visibility gaps are in practice.
For related governance patterns, NIST guidance on repeatable access administration and incident recovery helps translate individual expertise into durable control objectives. The most effective use cases are those where a task can be performed correctly by a second person without asking the original subject matter expert to coach every step.
Why It Matters in NHI Security
Hero worship is dangerous in NHI environments because non-human access scales far beyond human oversight. NHIMG research in the Ultimate Guide to NHIs reports that only 5.7% of organisations have full visibility into their service accounts, which means many teams are already operating with weak institutional memory before a crisis begins. When one person becomes the only reliable source of truth, access reviews stall, rotations are delayed, and incident response becomes dependent on availability rather than control design.
This risk also undermines trust boundaries described in the NIST Cybersecurity Framework 2.0. If a recovery path cannot be executed by multiple trained operators, the organisation has not actually institutionalised resilience. Hero worship becomes especially visible after a breach, a staff departure, or a failed restoration attempt, when the organisation discovers that critical access knowledge existed only in one person’s head, at which point the term becomes operationally unavoidable to address.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-01 | Single-owner knowledge creates unmanaged NHI lifecycle and access fragility. |
| NIST CSF 2.0 | PR.AT-1 | Training and awareness reduce dependence on one expert for operational knowledge. |
| NIST Zero Trust (SP 800-207) | Zero trust relies on explicit, repeatable policy enforcement instead of individual discretion. |
Document NHI ownership, approval paths, and recovery steps so no critical process depends on one person.
Deepen Your Knowledge
Reviewed and updated by the NHIMG editorial team on July 9, 2026.
NHI Mgmt Group — the #1 independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org