SANS Institute Warns of Governance Gaps as AI Agents Increase Non-Human Identities

What's Happening? The SANS Institute has highlighted significant governance challenges as organizations rapidly integrate AI into their operations. According to the 2026 SANS State of Identity Threats & Defenses Survey, 76% of organizations report an increase in non-human identities (NHIs) such as s

Summarized by AI ⓘ

AI & New Tech

SEE ALL

Trendline

Ford and Sharrow Engineering Reduce Propeller Production Time to Two Weeks

Trendline

IBM Highlights Open Source as Key to AI Infrastructure Security

Trendline

Amazon Delays Launch of Leo Satellite Network, Impacting Competition with SpaceX's Starlink

What is the story about?

What's Happening?

The SANS Institute has highlighted significant governance challenges as organizations rapidly integrate AI into their operations. According to the 2026 SANS State of Identity Threats & Defenses Survey, 76% of organizations report an increase in non-human

identities (NHIs) such as service accounts and automation bots. A growing number of these are linked to agentic AI, with 74% of organizations using AI agents that require credentials. This surge in NHIs has led to a doubling or tripling of such identities within organizations. The report warns that agentic AI, which can interpret instructions and take unpredictable actions, poses a new security risk that many enterprises are not equipped to manage. The SANS Institute recommends adopting security measures like secrets vaults and automated credential rotation to mitigate these risks.

Why It's Important?

The rapid integration of AI into business operations without adequate governance frameworks poses significant security risks. As AI agents gain more decision-making power, the potential for data breaches and unauthorized access increases. This situation could impact industries reliant on AI for automation, potentially leading to financial losses and reputational damage. Organizations that fail to implement robust security measures may face increased vulnerability to cyber threats. The findings underscore the need for a coordinated, security-first approach to AI deployment to protect critical infrastructure and data.

What's Next?

Organizations are expected to enhance their security protocols to address the challenges posed by agentic AI. This includes implementing human-in-the-loop approvals for AI actions and adopting a minimum viable security approach. As AI systems transition from pilot projects to core operations, businesses will need to scale their security efforts to keep pace with the growth of NHIs. The SANS Institute's recommendations may prompt companies to invest in advanced security technologies and training to safeguard against potential AI-related threats.