Cybersecurity Insiders, in collaboration with Saviynt, has released new research indicating that AI identities are increasingly operating within core enterprise systems, often without established governance or visibility.
The study finds that while 71% of CISOs and senior security leaders confirm AI tools have access to core systems such as Salesforce and SAP, only 16% report that this access is governed effectively.
The research highlights a significant visibility gap regarding non-human identities. According to the data, 92% of respondents lack full visibility into AI identities, and 95% expressed doubt in their ability to detect or contain misuse should it occur.
Additionally, 75% of surveyed organizations have already identified unsanctioned AI tools running within their environments.
The findings suggest that enterprises are managing a new class of non-human identities that differ from traditional employee service-account models.
These AI systems can invoke APIs, hold persistent credentials, and operate across applications with limited human oversight, creating a gap between system access and corporate accountability.
“This is no longer a future-state problem,” said Holger Schulze, founder of Cybersecurity Insiders.
“AI already has access to business-critical systems, often with more autonomy and less oversight than any security team would knowingly approve. If organizations cannot identify those accounts, understand their privileges, and enforce policy around them, they do not really control the environments those systems operate in.”
Current enforcement of formal access policies remains low, with 86% of respondents stating they do not enforce such policies for AI identities. Furthermore, only 5% of security leaders feel confident they could contain a compromised AI agent.
The report concludes that as AI continues to integrate into SaaS and cloud workflows, the focus for CISOs must shift toward continuous discovery, classification, and monitoring of machine identities to maintain security standards.
To download the full report: https://www.cybersecurity-insiders.com/portfolio/2026-ciso-ai-risk-report-saviynt/
Cybersecurity Insiders provides independent research and analysis focused on the operational reality of enterprise cybersecurity. We gather insights from senior security and IT leaders to examine how high-level strategies translate into day-to-day execution.
Our analysis identifies the measurable gaps between intended strategy and actual risk exposure, offering a credible, data-driven foundation for security decision-making and industry benchmarking. More: https://cybersecurity-insiders.com
Founder
Holger Schulze
Cybersecuity Insiders
info@cybersecurity-insiders.com
The post The Ungoverned Workforce: Cybersecurity Insiders Finds 92% Lack Visibility Into AI Identities appeared first on Cyber Security News.
The DJI Mini 4K is an excellent quadcopter drone camera for beginners looking to try…
long-press.js is a small JavaScript library which detects and handles the long press/tap event on…
Tension: We perform listening instead of practicing presence, creating distance while appearing close. Noise: The…
Tension: The command-and-control leadership that built successful companies in 2010 now creates anxious, depleted teams.…
A crew member working on the live-action How to Train Your Dragon 2 has reportedly…
Alien: Rogue Incursion - Part One: Evolved Edition is now officially a Nintendo Switch 2…
This website uses cookies.