Identity security is facing new challenges as rapid AI adoption reshapes enterprise risk landscapes, according to new research from Delinea. The report, “Uncovering the Hidden Risks of the AI Race,” highlights how organizations are struggling to balance innovation with protection.

According to the findings, 90% of organizations are pressuring security teams to loosen identity controls to support AI initiatives. However, significant gaps remain in AI identity discovery, monitoring, and privilege management. As a result, a gap is emerging between perceived readiness and actual security capabilities.

The study is based on a global survey of over 2,000 IT decision-makers using or piloting AI. It also includes insights from Delinea Labs on real-world cyber incidents. Notably, organizations report difficulty maintaining visibility and governance as AI-driven automation increases the number of identities in enterprise environments.

Moreover, nearly 90% of respondents identified at least one identity visibility gap. The largest gap relates to non-human identities, including those used by AI agents. These gaps are more common in AI environments and occur almost twice as often as in legacy systems.

Art Gilliland, CEO at Delinea, said the pressure to accelerate AI adoption is outpacing identity governance. He added that AI agents often operate with limited oversight. Therefore, organizations must enforce real-time, contextual access controls across human and machine identities.

The report also highlights that 42% of organizations see AI expansion as a key driver of non-human identity risk. This figure is significantly higher than risks linked to automation and CI/CD pipelines or cloud-native workloads, both at 26%.

In addition, 80% of organizations said they cannot always understand why non-human identities perform privileged actions. This indicates major challenges in traceability and accountability. At the same time, 59% reported lacking alternatives to standing privileged access, increasing the risk of persistent permissions being exploited.

However, despite these gaps, confidence remains high. About 87% of respondents believe their identity security posture is ready for AI-driven automation. Yet, nearly 46% admit their identity governance for AI systems is still inadequate.

Furthermore, organizations were twice as likely to rate their ability to manage identities in AI environments poorly compared to legacy systems. While 82% expressed confidence in discovering non-human identities, fewer than one-third validate AI agent activity in real time.

As AI agents increasingly access critical infrastructure and enterprise data, organizations need stronger mechanisms to discover identities, manage privileges, and audit activities. Delinea offers a unified approach that combines cryptographic identity, contextual access controls, just-in-time authorization, and full session visibility.

Ultimately, the report emphasizes that strengthening identity security is essential for organizations aiming to adopt AI securely while minimizing unmanaged access risks.

Related post

View all