Delinea Report Finds 90% of Organizations Pressure Security about AI Governance

New research highlights visibility gaps around AI-driven identities, rising NHI risks, and an AI security confidence paradox

SAN FRANCISCO – March 18, 2026 – Delinea, a pioneering provider of solutions for securing human and machine identities through centralized authorization, today published new research examining how rapid AI adoption is reshaping identity security risks for enterprises. According to the report, “Uncovering the Hidden Risks of the AI Race,” 90% of organizations pressure security teams to loosen identity controls to enable AI initiatives, despite significant gaps in AI identity discovery, monitoring, and privilege control. The report also reveals an AI security confidence paradox between organizations’ perceived readiness for AI and their actual capabilities to adopt it securely.

Based on a global survey of over 2,000 IT decision-makers actively using or piloting AI, and insights from the Delinea Labs research team on real-world cyber incidents, the report finds organizations struggling to maintain visibility and governance as AI-driven automation rapidly expands the number of identities in enterprise environments. Nearly 90% of respondents report at least one identity visibility gap, with the largest gap tied to machine and non-human identities (NHIs)—including accounts used by AI agents. Respondents also said these discovery gaps are most likely to persist in AI-related environments, occurring at nearly double the rate seen in legacy or on-premises systems.

“The pressure to move fast on AI is real, but identity governance has not kept pace, which exposes enterprises to significant risk,” said Art Gilliland, CEO at Delinea. “As AI agents multiply across enterprise environments, these identities often have the least oversight. The organizations that will succeed in the AI era will be the ones that enforce real-time, contextual access across every human, machine, and agentic AI identity.”

Key findings from the report include:

• AI expansion is driving non-human identity risk: 42% of organizations say AI expansion has been one of the top factors increasing NHI risk in the past 12 months, far surpassing increased automation and CI/CD velocity (26%) and growth in cloud-native workloads (26%).
• Limited visibility into privileged AI actions: 80% of organizations say they are unable to always understand why an NHI performed a privileged action, highlighting major challenges with traceability and accountability for automated identities.
• Standing access remains the norm: 59% of organizations report lacking viable alternatives to standing privileged access for NHIs and AI agents, increasing the risk that automated identities retain persistent permissions that could be exploited.

The AI security confidence paradox

Despite clear governance gaps, many organizations remain confident in their readiness for AI adoption, highlighting a disconnect between perceived and actual security maturity. While 87% of respondents say their identity security posture is ready to support AI-driven automation, nearly half (46%) admit their identity governance around AI systems is deficient. Organizations were also twice as likely to rate their ability to discover and govern identities in AI environments poorly, compared to legacy systems. Similarly, while 82% express confidence in discovering NHIs with access to production systems, fewer than one in three organizations validate NHI or AI agent activity in real time to ensure discovery processes are working.

As AI agents begin accessing critical infrastructure and enterprise data, organizations need stronger ways to discover all identities, manage privileges, and audit activity across humans, machines, and AI agents. Delinea delivers a unified approach by combining cryptographic identity, contextual access controls, JIT runtime authorization, and full session visibility to ensure AI-driven automation operates securely and transparently. By providing a single access experience across infrastructure with built-in auditing and least-privilege enforcement, Delinea enables organizations to adopt AI without introducing unmanaged access risk.

To learn more about how organizations can manage identity risks introduced by AI-driven automation, download a copy of the report here: https://delinea.com/resources/ai-and-identity-security-report-pdf

About Delinea  

Delinea is a pioneer in securing human and machine identities through intelligent, centralized authorization, empowering organizations to seamlessly govern their interactions across the modern enterprise. Leveraging AI-powered intelligence, Delinea’s leading cloud-native Identity Security Platform applies context throughout the entire identity lifecycle – across cloud and traditional infrastructure, data, SaaS applications, and AI. It is the only platform that enables you to discover all identities – including workforce, IT administrator, developers, and machines – assign appropriate access levels, detect irregularities, and respond to threats in real-time. With deployment in weeks, not months, 90% fewer resources to manage than the nearest competitor, and a 99.995% uptime, the Delinea Platform delivers robust security and operational efficiency without complexity. Learn more about Delinea on LinkedIn, X, and YouTube.