The SANS Institute has sounded a critical alarm about a dangerous disconnect in enterprise digital transformation: the rapid adoption of artificial intelligence is outpacing the security measures needed to protect these systems. Their comprehensive 2026 State of Identity Threats & Defenses Survey, based on interviews with over 500 security professionals globally, reveals that organizations are enthusiastically embracing AI capabilities while leaving dangerous security gaps. This isn’t merely a theoretical concern but an immediate threat landscape that requires urgent attention from CISOs, IT leadership, and board members alike. The findings suggest that we’re witnessing a digital gold rush where security considerations are being treated as an afterthought rather than a foundational requirement.
The emergence of non-human identities (NHIs) represents one of the most significant paradigm shifts in enterprise infrastructure in decades. These entities—including service accounts, API keys, automation bots, and workload identities—now constitute a substantial portion of organizational access, with three-quarters (76%) of companies reporting substantial growth in these automated actors. What makes this trend particularly concerning is that these NHIs operate with privileges and access patterns that are fundamentally different from human users, yet many organizations continue to apply traditional security frameworks designed for human-centric access controls. This mismatch creates vulnerabilities that threat actors are already beginning to exploit in sophisticated attacks against enterprise environments.
Agentic AI represents an even more complex security challenge than traditional automation. The SANS research indicates that 74% of organizations have already deployed AI agents or automations requiring credentials, and these systems are fundamentally different from conventional NHIs. Unlike traditional automation that follows pre-programmed scripts, agentic AI systems interpret natural language instructions, make contextual decisions, and can take autonomous actions. This capability introduces new attack vectors including prompt injection, hallucination-based errors, and unintended data access. The machine-speed execution of these systems means that security incidents can propagate through an organization in milliseconds—far faster than human teams can respond, creating an asymmetry in the cybersecurity equation.
Traditional security approaches simply don’t scale to address the unique challenges posed by agentic AI. Legacy access management systems built around human-centric principles struggle with the dynamic, context-aware nature of AI agents. These systems typically rely on static permissions, periodic access reviews, and manual approval processes that can’t keep pace with machine-speed operations. Furthermore, the complexity of AI systems makes it difficult to implement effective least-privilege access models, as AI agents often require broad access to complete their tasks. This creates a fundamental tension between operational effectiveness and security requirements that most organizations have yet to resolve through architectural innovation.
The credential hygiene problem revealed in the SANS survey paints a stark picture of organizational vulnerability. An astonishing 92% of organizations fail to rotate machine credentials on the recommended 90-day cycle, largely out of fear that such rotations might break critical service accounts. This conservative approach to credential management creates a rich target environment for attackers who can compromise credentials and maintain persistent access to systems. The situation is exacerbated by the fact that 59% of organizations rotate fewer than half of their NHI credentials quarterly, while 15% don’t even track their rotation rates at all. This lack of credential hygiene creates vulnerabilities that can be exploited by attackers seeking lateral movement within compromised networks.
What makes agentic AI particularly dangerous is its unpredictable nature compared to traditional NHIs. While conventional automation follows fixed logic paths with predictable outcomes, agentic AI systems interpret instructions and can take actions that weren’t explicitly programmed. This unpredictability means that even well-designed security controls may fail to anticipate all possible behaviors. The risk of hallucination—where AI systems generate incorrect or false information—further compounds these security concerns. An AI agent might misinterpret a security context and take actions that inadvertently expose sensitive data or disrupt critical systems. This fundamental unpredictability requires new approaches to security that focus on containment, monitoring, and rapid response rather than prevention alone.
Market analysis from industry analysts like Forrester reinforces the urgency of this issue. The firm warned last year that an agentic AI deployment would cause a publicly disclosed data breach by the end of 2026, underscoring that this isn’t merely a theoretical risk. Organizations are collectively rushing to implement AI capabilities without developing corresponding security frameworks, creating a systemic vulnerability. This rush is driven by competitive pressures and market expectations rather than careful risk assessment. As AI becomes table stakes for business operations, organizations that fail to implement robust security measures risk not just data breaches but also regulatory penalties, reputational damage, and loss of customer trust. The market is creating incentives for speed over security, with potentially catastrophic consequences.
The organizational challenges in securing AI initiatives go beyond technical limitations. Many companies lack the cross-functional coordination needed to address AI security comprehensively. The typical siloed approach—where security teams operate separately from development, operations, and business units—creates gaps in protection. AI security requires collaboration between security professionals, data scientists, infrastructure teams, and business leaders to establish appropriate guardrails. Furthermore, the rapid pace of change in AI technology makes it difficult for security policies to keep pace with new capabilities. Organizations are struggling to develop governance frameworks that can evolve alongside their AI implementations, creating a moving target for security teams attempting to establish controls.
Richard Greene’s warning from the SANS Institute highlights a fundamental governance gap: organizations are delegating decision-making power to AI systems faster than they’re developing frameworks to control them. The human element in AI security governance remains critically important, yet underdeveloped. While nearly 40% of organizations now use human-in-the-loop approvals for AI agent actions, this approach doesn’t scale effectively as AI becomes more deeply embedded in core business processes. The challenge is particularly acute in organizations where AI systems have transitioned from pilot programs to production environments without corresponding security maturation. This governance lag creates a dangerous window where AI systems operate with significant autonomy but minimal oversight, effectively creating privileged insiders operating at machine speed.
The potential consequences of inaction regarding AI security are severe and multifaceted. Beyond the immediate risk of data breaches and system disruptions, organizations face long-term strategic risks including erosion of customer trust, regulatory non-compliance, and competitive disadvantage. An AI-related security incident could trigger cascading failures across interconnected systems, creating business continuity challenges that extend far beyond the initial compromise. Furthermore, as AI systems become more integrated into critical infrastructure, the potential impact of successful attacks increases dramatically. Organizations that fail to address these proactively may find themselves playing defense against increasingly sophisticated attacks while simultaneously struggling to maintain operational effectiveness in an AI-enabled business environment.
The SANS Institute’s recommendations for securing agentic AI provide a starting point for organizations seeking to close the security gap. The call for secrets vaults, automated credential rotation, and scoped least-privilege access reflects a recognition that traditional approaches are insufficient. However, the emphasis on scaling these measures to match the growth of NHIs suggests that partial solutions won’t suffice. Organizations need comprehensive security frameworks that address the entire AI lifecycle—from development and deployment to operation and decommissioning. This includes continuous monitoring of AI behavior, anomaly detection systems, and automated response capabilities that can intervene when AI systems exhibit potentially dangerous behaviors. The solution isn’t merely technical but requires organizational commitment and strategic alignment between business objectives and security requirements.
Organizations seeking to secure their AI initiatives should adopt a pragmatic, multi-layered approach. First, conduct a comprehensive inventory of all AI systems and their associated credentials, establishing clear visibility into the agentic landscape. Second, implement automated credential management systems that can rotate secrets without disrupting service continuity—a technical challenge that requires careful planning and testing. Third, develop AI-specific access controls that provide least-privilege access while maintaining operational effectiveness. Fourth, establish human oversight mechanisms that scale with the increasing autonomy of AI systems. Finally, invest in continuous monitoring and anomaly detection systems specifically designed to identify unusual AI behavior. These measures won’t eliminate risk entirely, but they can significantly reduce the attack surface while maintaining the operational benefits of AI adoption. The key is treating AI security not as a one-time project but as an ongoing process of adaptation and improvement.