Assessment of Enterprise Security Gaps in AI and Non-Human Identity Management
In recent discussions at RSA Conference 2026 in San Francisco, Keeper Security unveiled research on significant weaknesses in how enterprises manage access for non-human identities (NHIs), which include AI agents and machine-driven tools. The research, based on a survey of 109 cybersecurity professionals, shows trends that could jeopardize organizational security as businesses increasingly rely on AI for operational efficiency.
According to the survey, almost half of the respondents (46%) reported that AI-driven applications have been granted access to critical company systems without adequate governance and oversight. Moreover, a staggering 76% indicated that these identities are not consistently regulated by established policies governing privileged access. As the use of AI tools rises, so do the risks associated with improper access management.
Visibility into these NHIs remains a major concern. Only 28% of organizations claimed to have complete visibility over their NHIs across various platforms, including cloud and on-premises infrastructures. This lack of insight significantly heightens risk, with over half of the respondents (53%) identifying inadequate visibility into AI and automation as their top security threat. The absence of centralized verification mechanisms hampers the ability of security personnel to enforce the principle of least privilege, leading to potential unauthorized access that could trigger severe security incidents.
The report further revealed that security models have not adapted to keep pace with the growing array of identities. Many organizations still manage NHIs through disparate tools and across different teams, which often leads to inconsistent policies and fragmented oversight. This challenge is compounded by the inadequate use of automated solutions, with only 26% of participants utilizing automated detection and response systems to monitor activities related to NHIs. Most enterprises rely heavily on manual processes, which are increasingly ineffective in environments characterized by constant automation and interoperability between systems.
Darren Guccione, CEO and co-founder of Keeper Security, emphasized,