The State of Identity Security in the AI Era

AI is quietly redrawing attack boundaries around global identity fabrics.

Get the report Learn About Agentic AI + Identity

In a world where ransomware can shut down hospitals and pipelines, wiring unguarded AI into Active Directory, Entra ID, or Okta isn’t innovation—it’s the fastest route from ‘productivity booster’ to full-scale business outage.
Tim Brown Former SolarWinds CISO and Team8 CISO in Residency

Is your organization ready for AI identity risks?

The accelerated use of AI throughout global enterprises is introducing a wave of generative AI tools and a bevy of AI agents, each with its own non-human identity.

NHIs already vastly outnumber human users 10:1, according to Microsoft, with that ratio trending toward a 100:1 ratio as agentic and workload identities proliferate.

How are these new “coworkers” affecting your cyber resilience?

Get the report

74%

believe that AI functionality will increase attacks on the identity infrastructure

32%

increase in identity-based attacks in the first half of 2025 (Microsoft)

Most organizations are racing to modernize identity defenses and recovery plans for a world where machine-speed mistakes can have human-scale consequences. Until identity resilience and cyber crisis response are treated as core business priorities—not just IT projects— that number is unlikely to move.
Stuart McClure Entrepreneur and CEO, Wethos AI

It’s 10 PM. Do you know where your AI agents are?

Each new agent, service principal, and low-code “helper” becomes another potential entry point to identity systems.

Plus, AI support agents are often overpermissioned in ways that may have unintended consequences—such as “helpfully” reconfiguring security settings or granting access in ways that can lock entire teams out of their identity systems or punch holes in corporate VPNs.

When those same agents sit on local machines with access to SSH keys, password managers, and browser sessions, an attacker who compromises the endpoint—or socially engineers the agent—can simply ask, “What secrets are on this machine?” and let the agent enumerate credentials and vulnerabilities at machine speed.

See the stats

29%

already use AI agents for security-related help desk tickets

64%

will use AI for such tickets within the next 12 months

92%

have AI installed on some percentage of local workforce machines

Only

32%

are very confident they could fully regain identity infrastructure control after an AI-related breach

What’s striking isn’t just how quickly AI is being integrated into identity systems but how unprepared many organizations are to recover when things go wrong. Introducing AI at the identity layer offers operational advantages, but it must be accompanied by guardrails, observability, and recovery readiness. It’s a new dimension of an old question, really: Are you resilient enough to respond in the event of critical disruption?
Grace Cassy Partner, Ten Eleven Ventures

Are you ready for an AI-incited identity breach?

Combined with the evidence that most permissions in identity systems are unused or overpermissioned—and that 80% of workload identities are effectively abandoned but still retain access—the ground is fertile for “zombie” agents and shadow NHIs that attackers can quietly hijack.

In an agentic world, identity sprawl isn’t just a hygiene problem; it is the front line of the attack surface.

Learn how to prepare for AI risks

65%

fully register, authenticate, and authorize AI agents

83%

are prioritizing AI governance this year

Chris Inglis, former US National Cyber Director

The pattern of global organizations overestimating how quickly they can recover from a cyberattack is real, especially when identity is within the blast radius. On paper, organizations have plans and backups; in practice, identity failures turn technical incidents into prolonged business crises, exposing a dangerous gap between perceived resilience and reality.
Chris Inglis Former U.S. National Cyber Director and Semperis Strategic Advisor