Enterprise Concerns Over Securing Non-Human Identities
Organizations are increasingly challenged by the rapid proliferation of non-human identities (NHIs), such as service accounts, API keys, digital certificates, access tokens, automated bots, IoT devices, and AI agents. More than half of enterprises surveyed express uncertainty about their ability to secure these NHIs, highlighting a significant gap between the adoption of automated digital identities and the maturity of tools and processes to protect them. The complexity and diversity of NHIs, which now form the backbone of modern digital infrastructure, have outpaced traditional identity and access management strategies, leaving organizations exposed to new risks.
The exponential growth of NHIs, especially in cloud-native and automated environments, has led to a situation where non-human accounts vastly outnumber human users. This expansion, combined with issues like "secrets sprawl"—where credentials are scattered across codebases and pipelines—creates opportunities for account hijacking, privilege escalation, and lateral movement by threat actors. Security experts emphasize the need for unified visibility, consistent identity policies, and automated responses to address these risks, particularly as NHIs and AI agents become more integral to business operations and the attack surface continues to expand.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
3 events from the most recent confirmed update back to the earliest known activity.
2026 SANS survey finds NHI growth outpacing governance controls
IT Pro reports findings from the 2026 SANS Identity Threats & Defences Survey showing 76% of organizations have increased non-human identity use, while 92% do not rotate credentials on a 90-day cycle. The survey also highlights rising risk from agentic AI deployments that require credentials and autonomous access, with no single safeguard used by more than 40% of organizations.
Dark Reading reports enterprise lack of confidence in securing NHIs
Dark Reading publishes coverage focused on enterprises' lack of confidence in their ability to secure non-human identities. The report reflects mounting concern over managing and protecting machine, service, and workload identities at scale.
SC Media outlines identity security strategy for human and non-human identities
An SC Media perspective article describes growing risk from fragmented identity infrastructures, especially the proliferation of non-human identities such as service accounts, AI agents, and cloud workloads. It recommends unified visibility, consistent policy enforcement, automated response, and continuous validation across the full identity estate.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
3 references tracked. Mallory keeps watching after this page renders.
Agent identity governance can't keeping up with adoption rates - and it’s creating a security nightmare | IT Pro
itpro.com
Open sourceEnterprises Aren't Confident They Can Secure Non-Human Identities (NHIs)
darkreading.com
Open sourceFour ways to implement an effective identity security strategy
scworld.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Non-Human Identities and Permissions Sprawl in Enterprise Security
Enterprises are facing significant challenges in managing the rapidly expanding attack surface created by both human and non-human identities. Reports highlight that permissions and entitlements are growing at a pace that outstrips the ability of security teams to maintain oversight, with hundreds of millions of active entitlements and billions of permissions in large organizations. This complexity leads to persistent blind spots, including dormant and orphaned accounts that remain active and pose a risk for misuse, as well as the accumulation of 'identity debt' where excessive and unused access quietly increases risk over time. Non-human identities (NHIs), such as machine accounts, tokens, and keys, are becoming increasingly critical in cloud environments. Effective management of these NHIs is essential for reducing risk, improving compliance, and increasing operational efficiency. Automation and centralized secrets management are emphasized as key strategies for maintaining visibility and control over both human and non-human identities, helping organizations address security gaps and reduce operational costs associated with manual oversight and credential management.
Mar 21, 2026
AI Agents and Non-Human Identities as Emerging Cybersecurity Risks
The rapid adoption of AI agents, bots, and other non-human identities (NHIs) is fundamentally reshaping the cybersecurity landscape, introducing new attack surfaces and operational challenges for enterprises. As organizations increasingly rely on automation and AI-driven processes, NHIs are being granted broad access to critical systems, often without the same oversight or security controls applied to human users. This shift has led to heightened risks such as over-permissioned accounts, static credentials, and insufficient monitoring, making NHIs attractive targets for cybercriminals seeking to exploit gaps in identity and access management (IAM). Security leaders are urged to implement zero-trust principles, least-privilege access, automated credential rotation, and robust secrets management to mitigate these risks and prevent privileged account compromise. The complexity of managing AI agents is further compounded by the need for effective governance and the challenge of balancing control with operational simplicity in security operations centers (SOCs). Experts emphasize that adversaries are increasingly "logging in, not breaking in," leveraging weaknesses in identity controls—especially those related to AI agents—to gain unauthorized access. The cybersecurity workforce must adapt, as AI-driven automation is expected to take over high-volume, repetitive tasks, requiring new skills in AI security and orchestration. Organizations are advised to treat every human, workload, and agent as a managed identity, enforce phishing-resistant multi-factor authentication, and continuously monitor for anomalous permission changes or session hijacking to stay ahead of evolving threats.
Mar 21, 2026
Risks and Management of Non-Human Identities in Cloud Environments
Organizations are increasingly challenged by the proliferation of non-human identities (NHIs)—machine-generated credentials such as tokens, keys, and service accounts—that facilitate automated access and communication between cloud applications and services. Effective management of these NHIs is critical, as improper oversight can lead to vulnerabilities, data leaks, and compliance failures. Security experts emphasize the need for a holistic approach to NHI management, covering the entire lifecycle from discovery and classification to threat detection, remediation, and decommissioning. Automated solutions and centralized visibility are highlighted as essential for reducing risk, ensuring regulatory compliance, and optimizing operational efficiency. The importance of NHI management spans multiple sectors, including healthcare, finance, and development operations, where sensitive data and critical systems are at stake. By proactively identifying and mitigating risks associated with machine identities, organizations can strengthen their cloud-native security posture. Key benefits of comprehensive NHI management include reduced breach risk, improved compliance through consistent policy enforcement, enhanced operational efficiency via automation, and better governance through centralized access control. As cloud adoption accelerates, prioritizing NHI security is becoming a cornerstone of modern cybersecurity strategies.
Mar 21, 2026