A new era of autonomous AI is rewriting the rules of identity security — but most enterprises are still playing by the old ones.
As autonomous systems embed across the enterprise, machine-driven identities are multiplying — and so is the attack surface. Security leaders are responding with urgency. But investment is not outcome.
The message from the boardroom is clear: non-human identities are a priority. As AI agents become embedded in everyday workflows — orchestrating tasks, accessing data, acting on behalf of users — the identity perimeter has fundamentally changed.
Three in four security leaders report their concern about NHI-related threats has risen in the past year. Nearly two-thirds classify investment in this space as an immediate or high priority.
But investment alone isn't closing the gap. Structural weaknesses in governance, visibility, and execution are limiting impact where it matters most.
"The rise of agentic AI signals both progress and pressure for enterprise security. Without radically rethinking identity infrastructure, the disconnect between investment and impact will persist."
— Jim Alkove, Co-founder & CEO, Oleria
For the first time, non-human actors — not privileged users — are the identity types security leaders fear most.
When asked which identity types pose the greatest governance and security risk, AI agents topped the list by a significant margin — cited by 61% of leaders. API keys/tokens (42%) and Bots/RPA identities (42%) followed closely.
This marks a fundamental shift in the enterprise threat landscape. AI agents represent a new class of identity that most governance frameworks were never designed to manage.
Leaders feel prepared. The data tells a different story.
Ask most security leaders whether they can detect a rogue AI agent, and they'll say yes. Ask whether they have the infrastructure to back that up, and the answer gets complicated.
93% express at least some confidence in detecting anomalous identity behavior from agentic AI. But confidence is not capability — and the incident data makes the gap visible.
Confidence without operational capability creates the most dangerous kind of false security — the kind that prevents organizations from taking the steps they actually need.
Nearly four in five security leaders report their organization has experienced a risk event related to non-human identities in the past 12 months. These aren't edge cases.
Only 22% of leaders have fully implemented an identity security strategy designed for environments where AI agents autonomously request, create, or use identities and permissions. Nearly 4 in 10 are still exploring. The intent is there. The execution is not.
Only 10% of leaders say access decisions are always based on actual usage, behavior, or contextual risk. 62% rely on behavioral data only "sometimes" or "rarely."
In a world where AI agents operate at machine speed, access decisions rooted in last quarter's role assignments create exactly the permission gaps that attackers — and misbehaving agents — exploit.
Identity is the enforcement layer — but when it's splintered, enforcement fails.
Identity should function as a unified control plane. In practice, it's a patchwork — different tools, owners, and processes operating without a shared view of risk.
The top barrier isn't budget, talent, or technology maturity. It's tool fragmentation across security and IAM teams — named by nearly half of all leaders as their single biggest obstacle.
Tool fragmentation doesn't just create operational headaches. It creates attack surfaces — gaps that AI agents can cross at machine speed, without triggering any alarm.
43% are governing 6–10 distinct identity applications today — each with its own data model, each a potential blind spot for AI agent privilege misuse.
43% also say business units adopt applications without centralized oversight. Identities are being created and granted access in systems security teams may not even know exist.
When business units operate outside the identity perimeter, every new application becomes a potential unmonitored attack surface for AI-driven exploitation.
Legacy IGA was built for humans. The agentic era demands something fundamentally different.
IGA frameworks were designed around a core assumption: identities belong to people. Access reviews happen quarterly. Policy changes take weeks. In a world where AI agents can request, create, and use identities at machine speed, every assumption becomes a liability.
AI agents don't wait for the quarterly access review. Governance that takes months to update creates exactly the window attackers — and misbehaving agents — exploit.
52% say current tools are less effective for NHIs than for human identities — either slightly (38%) or significantly (14%). The tools aren't broken; they were built for a different era.
34% of leaders confirm compliance requirements are driving manual identity processes. When access reviews exist to satisfy auditors rather than enforce least privilege, they become security theater — contributing to rubber-stamp reviews and bloated permission sets.
Compliance-driven processes don't just slow teams down — they actively work against the adaptive, behavioral governance needed to manage AI agents in real time.
The gap between investment and impact won't close on its own. Three foundational shifts are required.
Investment is real. Urgency is real. But the underlying infrastructure was built for a different era. Identity security designed for human users, quarterly reviews, and static role assignments cannot protect against autonomous AI agents operating at machine speed across multiple systems.
The Securing the Agentic Enterprise: Identity Investment and Risk Report was conducted by Wakefield Research among 400 U.S. Identity Security and Management Leaders at organizations with a minimum of 1,000 employees. Qualifying respondents included CISOs, Security Executives (Director+), and IT Executives (VP+) with responsibility for identity access management, security, governance, or compliance. The survey was conducted between February 2–14, 2026, using an email invitation and online survey. Function quotas: CISO (n=100), Security Executives (n=150), IT Executives (n=150). Margin of error: ±4.9 percentage points at the 95% confidence level for the total sample.