Only 32% of IT and security professionals are very confident they could regain full control after an AI agent exposes admin credentials, while 93% are deploying AI agents for sensitive security tasks.
Key Takeaways
- 32% of IT and security professionals are very confident they could fully regain identity infrastructure control after an AI agent exposes admin credentials
- 74% believe AI will increase attacks on their identity infrastructure
- 93% already use or plan to use AI agents for sensitive security tasks, such as password resets and VPN access
- Only 65% fully register, authenticate, and authorize AI identities; 6% don’t track them at all
- 92% say AI is installed on at least some local machines, giving AI access to SSH and encryption keys
Semperis surveyed 1,100 IT and security professionals across eight countries about how their organizations are deploying AI and how those deployments affect identity security. Respondents came from the US, UK, Germany, France, Italy, Spain, Australia, and Singapore, across industries including banking, healthcare, government, and manufacturing. The data reveals a widening gap between how aggressively organizations integrate AI into sensitive identity systems and how prepared they are to recover when those systems are compromised.
Confidence gap
Only 32% of respondents are very confident they could regain control of their identity infrastructure if an AI agent exposes admin credentials. 27% say they are only partially confident.
That number is concerning given how much access AI agents already have. 93% of organizations already use or plan to use AI agents for sensitive security tasks such as password resets and VPN access. 29% have already deployed them; 64% plan to within the next year. 92% say AI is installed on at least some local machines where it can access SSH keys, encryption keys, and browser sessions.
“Wiring unguarded AI into Active Directory, Entra ID, or Okta isn’t innovation,” said Tim Brown, former SolarWinds CISO. “It’s the fastest route from ‘productivity booster’ to full-scale business outage.”
The attack surface
74% of respondents believe AI will increase the frequency of attacks on identity infrastructure. A separate but related threat: 67% believe attackers will target identity systems to access a company’s broader network.
AI agents compound the exposure. An attacker who gets into a machine running an AI agent, or tricks the agent directly, can ask it to list every credential and access key stored on that machine. The agent does it almost instantly, far faster than any human attacker could.
Semperis Chief Product Officer Alex Weinert, former VP of Identity Security at Microsoft, described overpermissioned AI agents as “sociopathic genius five-year-olds,” capable of doing anything they’re technically permitted to, with no judgment about whether they should.
Governance gap
Only 65% of organizations fully register, authenticate, and authorize AI agents. 6% don’t track them at all.
Among organizations that do track them, 57% use the same system they use for human identities, while 43% use a separate system. According to Semperis Director of Product Management Sarah Cecchetti, there are serious drawbacks to both. Many agents are short-lived, some running for 30 seconds or less, and don’t fit neatly into a company’s existing permission categories. Organizations that create new roles for each agent end up with bloated user directories, often leaving agents with broader access than their actual tasks require.
Germany and the US lead on formal registration at 72% each. Government organizations lag the most, with only 40% fully tracking AI identities and only 4% very confident in their recovery capability.
Governance as a near-term priority
83% of respondents say AI identity governance is a priority for the next 12 months. Only 10% say it is not.
Several studies have found a significant gap between AI deployment and governance. AI Risk Today has published several articles on this gap and the associated risks, including reports from Delinea, Kroll, and others.

