Most security pros say managing identity has become a major challenge

May 6, 2026

By Steve Zurier

The vast majority of 3,200 cybersecurity and senior IT leaders surveyed by Keeper Security — 89% — are finding managing the growing identity footprint a major challenge.

Based on responses from security pros across the United States, Europe, Asia-Pacific, and the Middle East, the survey released May 6 also found that 96% said that disconnected and poorly integrated security tools have created exploitable gaps for organizations.

Another telling stat: 72% of organizations said they don’t detect credential misuse in real time, with most taking hours and, in some cases, days or weeks to identify unauthorized privileged access.

“The findings in this research make one point unmistakably clear: identity is now enterprise infrastructure, and most organizations are not governing it that way,” said Darren Guccione, co-founder and CEO at Keeper Security. “When 72% of organizations cannot detect credential misuse in real time and 64% lack fully consolidated privileged access governance, the exposure is not theoretical — it’s operational.”

Guccione offered three steps security teams should take to prioritize identity:

Consolidate identity authority: The vast majority of respondents cite disconnected or poorly integrated security tools as creating exploitable gaps. Organizations have layered identity providers, cloud access controls and privileged access management (PAM) platforms on top of one another over years, each solving a discrete problem in isolation. The result has been a distributed model of authority where policies are defined in one place and enforced in another — or not enforced at all.
Security teams need to treat fragmented identity governance as the structural risk it is and drive toward a single, unified control plane that spans human and non-human identities (NHIs) alike.

Get serious about privilege: Privilege is no longer confined to a handful of administrative accounts. It lives inside automation pipelines, service accounts, AI agents and cloud-native workflows. Yet well more than half of organizations are still operating with partial or no consolidated management of privileged access. That’s an enormous exposure as AI adoption accelerates and the number of NHIs multiplies. Security teams must audit where elevated permissions exist, enforce least-privilege access and eliminate standing credentials wherever possible. Time-limited, session-recorded access has become the new standard — not a best practice reserved for the most mature organizations.

Close the detection gap before it becomes a breach: Fifty-one percent of organizations identify credential misuse within hours — not seconds or even minutes. In an environment where AI agents and automation execute continuously, hours are an eternity. Detection tempo should ultimately become a function of architecture: the more coherently identity governance, privilege enforcement and monitoring operate together, the faster anomalies surface. Security teams should evaluate not just whether they have monitoring in place, but whether that monitoring is integrated tightly enough to keep pace with machine-speed execution.

Alex Gardner, director of product marketing at XM Cyber, said Keeper Security’s findings are on the right track in that identities, permissions and privileges are a major blind spot for many enterprises.

Gardner said dealing with cloud, AI, and distributed workforces has led to an explosion in the number of identities (both human and non-human) operating across the environment.
“The change in access patterns and increased complexity in how these entities interact is a pervasive challenge,” said Gardner. “This has impacted teams of all shapes and sizes across nearly every sector.”

Gardner added that control has definitely been fragmented as access and identity security controls are managed by various teams across myriad tools. This disjointed management structure naturally leads to visibility gaps and ultimately identity risk that attackers can weaponize, said Gardner.

“Start by scrutinizing AI identities like a human,” said Gardner. “Many organizations have curated templates for creating new identities, defining necessary permissions, and monitoring for configuration drift over time. The same must be done for NHIs such as machine service accounts and AI users. Typically, NHIs have elevated permissions and access rights because of the automated nature of their tasks, but they are often subject to less scrutiny than human users.”

Jacob Warner, director of IT at Xcape, Inc., added that the Keeper Security survey confirmed that enterprises are facing an “identity debt” crisis where the velocity of AI adoption has far outpaced our governance of NHIs. Warner said it’s no longer a simple perimeter problem: it’s a structural failure where 96% of leaders admit their security silos are creating exploitable gaps for machine-speed attacks.

“As AI agents and automated workflows multiply, they create a ‘shadow’ ecosystem of privileged access that legacy, human-centric IAM systems cannot track,” said Warner. “Security teams must first move beyond static credentials and implement automated NHI lifecycle management that treats AI agents as first-class security principals.”

Warner said organizations also need to consolidate their identity authority into a unified control plane that integrates with Shadow AI discovery tools to eliminate the 42% visibility gap.
Finally, Warner said teams must shift from passive logging to active identity threat detection and response (ITDR) to close the detection window, which today leaves credential misuse unaddressed for days.

Elad Luz, head of research at Oasis Security, said that to reduce the risks associated with NHIs, security teams must implement modern identity management practices, strong governance, and proactive security controls. Luz said wherever possible, organizations should transition to cloud-native identities and establish a wide-ranging lifecycle management strategy for NHIs that cannot be migrated.

“Maintaining good identity hygiene is vital,” said Luz. “This includes the removal of stale or unused NHIs, conducting regular access reviews, and ensuring NHIs follow the principle of least privilege by granting only the minimum permissions necessary.”