Veza’s 2026 State of Identity & Access Report reveals alarming trends in identity security, showing that the average enterprise now manages about 100,000 permissions. Notably, 38% of accounts are dormant, while 16.5% of permissions belong to inactive users. Moreover, a staggering 27.8% of permissions lack governance, highlighting a rapidly expanding and unmanageable attack surface. This research underscores the rising risk posed by non-human identities (NHIs) such as AI agents and service accounts, which now outnumber human users 17:1. With only 0.01% of NHIs controlling 80% of cloud permissions, security measures have never been more critical. To combat these threats, Veza recommends that organizations make identity risk a board-level concern, enhance continuous access visibility, and actively manage dormant accounts. Companies like Wynn Resorts and Expedia leverage Veza’s solutions to secure identities effectively. For in-depth insights, access the full report at Veza’s website.
Source link
