As artificial intelligence and automation reshape enterprise infrastructure, securing non human identities has emerged as a critical concern for the cybertech ecosystem. A new study from Keeper Security reveals significant gaps in how organizations manage and protect these rapidly expanding digital identities.
Keeper Security’s findings, based on a survey of 109 cybersecurity professionals conducted at the RSA Conference 2026 in San Francisco, point to a growing reliance on Non Human Identities. These include service accounts, API keys, automation workflows, and AI driven tools that are now deeply integrated into enterprise systems. According to the report, 46 percent of respondents confirmed that AI powered tools have access to critical systems and sensitive data, while 76 percent acknowledged that these identities are not consistently governed under privileged access policies.
A major issue identified in the research is the lack of visibility. Only 28 percent of organizations reported having full visibility into non human identities across cloud, on premises, and SaaS environments. More than half of respondents cited limited visibility into AI, automation, and machine access as their top security risk. Without centralized oversight, security teams struggle to enforce least privilege access and monitor how credentials are being used, increasing the likelihood of excessive permissions and unmanaged access points.
The study also highlights that existing security models are failing to keep pace with the rapid growth of machine and AI driven identities. Many organizations continue to rely on fragmented tools and siloed teams to manage access, leading to inconsistent governance and unclear ownership. This decentralized approach makes it increasingly difficult to maintain control over critical systems as the number of identities continues to scale.
Operational gaps are equally concerning. Only 26 percent of organizations reported using automated detection and response mechanisms to monitor non human identity activity. The majority still depend on manual processes that are not designed to handle the speed and complexity of automated environments. Over 40 percent of respondents said they experienced a security incident involving non human identities or credentials in the past year, while 32 percent were unsure if such incidents had occurred, underscoring significant detection challenges.
“AI and automation are expanding how systems interact and access an organization’s data,” said Darren Guccione, CEO and Co founder of Keeper Security. “That shift introduces new complexity around identity, and requires a unified approach to visibility and control across both human and non-human access.”
The RSA Conference, widely regarded as one of the most influential cybersecurity gatherings globally, provided the backdrop for these insights. The event brings together CISOs, CIOs, and security leaders to address evolving threats such as AI driven attacks, ransomware, and cloud vulnerabilities, making it a critical forum for understanding industry priorities.
As enterprise ecosystems become more automated and interconnected, the importance of securing non human identities continues to grow. Keeper Security emphasizes that modern Privileged Access Management solutions must evolve to provide centralized visibility, enforce least privilege principles, and enable continuous monitoring. Its platform, KeeperPAM, integrates password management, secrets management, and privileged access controls within a zero trust and zero knowledge architecture, aiming to reduce risk across complex environments.
The findings make clear that as AI adoption accelerates, organizations must rethink identity security strategies. Addressing gaps in visibility, governance, and automation will be essential to protecting critical systems and maintaining trust in increasingly machine driven digital ecosystems.
Recommended Cyber Technology News :
- ValorC3 Launches Private Cloud Platform Beyond VMware
- 36 Malicious npm Packages Target Redis, PostgreSQL Systems
- Fortra Expands Offensive Security Training with Zero-Point Security Acquisition
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
