For decades, enterprise software followed a predictable script: it was a tool, a deterministic set of instructions that did exactly what it was told. But in the last twelve months, that script has been shredded. Artificial Intelligence has transitioned from a helpful “tool” to an “autonomous teammate” faster than most security manuals could be rewritten. Today, agentic systems are no longer just making suggestions; they are executing code, applying policies, and navigating sensitive environments without ever checking in with a human operator.
To map this new territory, the 2026 Infrastructure Identity Survey interviewed 205 security leaders—from CISOs to Platform Engineers—at organizations ranging from 500 to over 10,000 employees. These leaders, primarily in “tip of the spear” industries like Financial Services and SaaS, are the ones responsible for the reliability of systems that AI is now navigating.
The findings represent a wake-up call for the modern professional. We are witnessing a startling gap between the velocity of AI innovation and the effectiveness of the security models meant to contain it. What we learned suggests that our traditional human-centered security playbooks aren’t just aging—they’re obsolete.
The Confidence Paradox: Why Feeling Secure is a Red Flag
There is a dangerous disconnect between a leader’s internal sense of security and the external reality of their infrastructure. The report identifies a “Confidence Paradox”: organizations that describe themselves as confident in their AI deployment actually experience an incident rate of 72%. In contrast, those who remain neutral or “not confident” report a much lower incident rate of 33%.
This suggests that confidence is often a byproduct of a lack of visibility. The survey found a significant “Visibility Gap,” with 7% of leaders admitting they don’t even know how often their AI systems are making autonomous changes. When you can’t see the changes, it’s easy to feel secure. In the age of agentic workflows, vigilance is a much better predictor of safety than a high comfort level.
Key Insight: Confidence does not equal safety.
The “Confidently Wrong” Risk: AI’s Biggest Weakness
Human error is usually characterized by hesitation. When a human engineer is unsure about a configuration change, they hedge, they ask questions, or they double-check the documentation. AI, however, is deterministic in its delivery but non-deterministic in its logic. The top fear cited by 59% of infrastructure leaders is the “confidently wrong” configuration.
Because an AI system proposes changes with the same absolute certainty whether it is correct or catastrophically wrong, it easily bypasses traditional review processes. These processes were built for humans; they assume that if a proposal looks certain and well-structured, it has been vetted. When AI pushes a bad configuration through at machine speed, it doesn’t stop to wonder “what if”—it simply executes.
The Access Equation: The 4.5x Multiplier
The most profound finding of the report is that security outcomes are not determined by industry or maturity, but by a single metric: the scope of access granted to AI identities. The data shows a stark divide in incident rates based on privilege levels: systems with least-privileged access had a 17% incident rate, while over-privileged systems spiked to 76%.
“It’s not the AI that’s unsafe. It’s the access we’re giving it.” — Ev Kontsevoy, CEO, Teleport
The single most predictive factor for security outcomes is the scope of access granted to AI. Organizations that fail to properly scope this access are nearly 4.5 times more likely to experience a security incident.
The Human Comparison: Why We Trust Agents More Than Employees
Perhaps the most irrational finding is how we treat AI identities compared to human ones. A staggering 70% of organizations grant AI systems more access than they would give a human employee performing the exact same job. Even more concerning, 19%—nearly one in five—admit to giving AI “dramatically” more access.
This “Identity Problem” stems from the fact that our traditional security models are human-centric. We rely on manual approvals and deterministic workflows that fail when confronted with the non-deterministic nature of AI. There is a growing consensus that the old model is dead: 69% of security leaders agree identity management must fundamentally shift, while a mere 2% disagree. We are effectively hiring “digital employees” and handing them the keys to the kingdom without the oversight we demand of their human counterparts.
The Ghost in the Machine: Why Static Keys are AI’s Best Friend
If over-privileging is the crime, static credentials are the weapon. The report identifies long-lived tokens, passwords, and API keys as the primary mechanism that enables persistent, over-privileged AI access. Despite the risks, 67% of organizations still rely heavily on these static credentials.
This reliance creates a massive “Preparedness Gap.” Organizations with high static credential usage saw a 20-percentage-point increase in reported incidents. Static keys are effectively “invitations” that AI agents use to walk through infrastructure walls; once a key is embedded in an agentic workflow, the window for exploitation remains open indefinitely. Transitioning to identity-native, short-lived access isn’t just a best practice—it’s a requirement for AI safety.
The Organizational Power Shift: Platform Teams Take the Reins
The rise of AI is restructuring the corporate hierarchy. The survey found that 52% of respondents see decision-making power for AI security shifting toward platform and infrastructure teams. In contrast, only 3% of that power has moved toward the executive suite.
This shift is a natural evolution. Because AI is fundamentally an infrastructure problem, the strategy must be driven by the people closest to the plumbing of the system. Executives are often too far removed from the technical nuances of agentic workflows to manage the risk. For the first time, platform teams aren’t just maintaining the engine—they are deciding where the car is allowed to drive.
Conclusion
The window for adjustment is closing. Over half of all leaders (53%) expect AI to run major portions of their infrastructure autonomously within the next three years. Yet, a massive preparedness gap looms: while the majority are racing toward autonomous adoption, only 13% of organizations feel “extremely prepared” for the reality of agentic AI.
The move toward autonomous infrastructure is an inevitability, but its success depends on a fundamental shift in how we manage machine identity. As you audit your own roadmap, the question is no longer about the intelligence of the AI you deploy, but the constraints you place upon it. Is your security model built for a deterministic tool, or is it ready for an autonomous teammate?
