The SANS Institute warns that the rapid adoption of AI in enterprise workflows risks outpacing security measures, highlighting severe credential hygiene issues. The 2026 SANS State of Identity Threats & Defenses Survey, involving over 500 security professionals globally, found that 76% of organizations are increasing non-human identities (NHIs) like service accounts and API keys, with 74% utilizing agentic AI that requires credentials.
These NHIs have doubled or tripled, presenting new security challenges. Agentic AI can perform unpredictable actions, escalating risks similar to those posed by over-privileged insiders. With a looming risk of data breaches, Forrester emphasizes adopting a “minimum viable security” approach.
The study reveals a lack of coordinated governance, as 92% of organizations neglect rotating machine credentials regularly. SANS recommends implementing secrets vaults, automated credential rotation, and strict access controls to counterbalance the growth of AI risks effectively.
Source link
