AI security gaps and recommendations revealed in new report from Delinea
A message from: Delinea
AI adoption is outpacing identity security — and the risk is greater than it seems.
Here's the deal: The AI mandate from business leaders is clear: To remain competitive, companies must accelerate AI adoption.
- But in the rush to innovate, identity controls are often relaxed, inconsistently applied, left undefined or ignored entirely.
What you're missing: Legacy security models aren't evolving fast enough to fully monitor new agentic AI operating models.
- Many security models still reflect the old world: static privileges, fragmented visibility and controls that were primarily built for humans.
- In moving to agentic AI operating models, organizations are introducing substantial identity-related risks — much of which remain outside the scope of traditional visibility and governance processes.
In other words: Processes and controls need to catch up to how AI actually operates.
The story: As AI continues to blaze forward, "Delinea's 2026 Identity Security Report: Uncovering the hidden risks of the AI race" reveals that organizations express high confidence in their security readiness for AI while simultaneously admitting they lack the fundamentals to back up that confidence.
- Known as the AI security confidence paradox, 87% of organizations say their identity security posture is prepared to support AI-driven automation at scale, but 46% admit their identity governance is deficient around AI systems.
- This paradoxical thinking indicates organizations may be advancing agentic AI without fully modernizing the identity controls required to support it.
Here's what else: Speed over security remains a major issue with fewer than 1 in 3 organizations saying that security requirements are consistently enforced when they conflict with business speed.
- As organizations move quickly to deploy agentic AI, security teams are often pressured to relax access controls, make exceptions or rely on standing privileges just to keep things moving.
- That creates significant risk at the critical identity layer, determining who (or what) can act.
In other words: The operational and opportunity risks of slowing down AI innovation outweigh the security risks in many business decision-makers' minds.
Plus: AI expansion has significantly increased Non-Human Identity (NHI) risk in the last 12 months, given the limited visibility most organizations have into AI agents.
- 80% of organizations today are unable to always understand why an AI agent performed a privileged action, highlighting challenges with traceability and accountability of automated identities.
- They may request additional access, interact with new systems or trigger privilege changes dynamically, essentially escalating their own privileges.
The impact: Most organizations are granting always-on or standing access privileges to NHIs and AI agents to keep barreling forward with adoption, even if they're aware that it significantly increases their risk posture.
The solution: Delinea is focused on helping organizations close the security gap and better navigate identity governance and AI-related risks.
They provide a modern identity security control plane that helps enterprises:
- Discover every identity.
- Assess identity risk continuously.
- Enforce access in real time across human, machine and AI environments.
The takeaway: Identity security must evolve alongside AI adoption.
- Leaders need to modernize the way they discover and protect access and identity relationships in the AI era so they can innovate quickly without abandoning identity governance in the process.