Study finds that AI deployments require trade-offs between speed and identity security
A new report from Delinea, a provider of identity security solutions for both human and AI agent identities, says that AI adoption is forcing businesses to trade security for speed, with identity management being the first casualty.
Key findings from the 2026 Identity Security Report show that 90% of organizations are forcing security teams to relax AI identity management.
Simply put, organizations are prioritizing speed over security when deploying AI tools, and leaders are focusing on faster adoption to drive productivity gains.
The big problem is that it leaves organizations highly exposed to security vulnerabilities. Despite significant gaps in AI identity detection, monitoring, and privilege control, enterprises are rapidly moving forward with AI initiatives.
“The pressure to move quickly with AI is real, but businesses are at significant risk because identity governance has not kept up,” said Art Gilliland, CEO of Delinia.
Delinea surveyed more than 2,000 IT decision makers who are actively using or experimenting with AI. According to the report, 90% of respondents had at least one identity visibility gap, with the largest gaps related to machine and non-human identities (including accounts used by AI agents).
“As AI agents proliferate across enterprise environments, these identities often receive the least amount of oversight,” Gilliland said. “Organizations that succeed in the AI era will be those that enforce real-time, contextual access across the AI identities of every human, machine, and agent.”
Other findings from the report include:
- Expansion of AI increases non-human identity risks: 42% of organizations say the expansion of AI has been one of the biggest drivers of increasing NHI risk over the past 12 months, far exceeding increased automation and CI/CD velocity (26%) and growth in cloud-native workloads (26%).
- Limited visibility into privileged AI actions: 80% of organizations say they can’t always understand why an NHI performed a privileged action, highlighting major challenges around automated identity traceability and accountability.
- Standing access remains the standard: 59% of organizations report that they have no viable alternatives to permanent privileged access for NHI and AI agents, increasing the risk of automated identities holding persistent permissions that can be misused.
The result of all this is that traditional identity protection has not kept pace with AI, and the loosening of identity controls has exponentially expanded the attack surface for malicious actors.
The report concluded that AI will continue to disrupt traditional security models as enterprises allow lax security controls and more identities and access points emerge.
“It is clear that organizations cannot afford to delay AI adoption,” says Delinea. “However, this study shows that identity security will also need to evolve as AI is introduced.”
The full report is available on the Delinea site.
