Semperis has warned that enterprises are deploying AI agents into sensitive security workflows faster than they are building the identity controls needed to govern them, after surveying 1,100 organisations across the U.S., U.K., France, Germany, Spain, Italy, Singapore, and Australia.
The State of Identity Security in the AI Era study found that 74% of organisations believe AI will increase attacks on identity infrastructure, while 93% already use, or plan to use, AI agents for sensitive security tasks such as password resets and VPN access. Semperis said the figures point to a widening attack surface around Active Directory, Microsoft Entra ID, and Okta environments, as non-human identities gain access to systems traditionally controlled through human account governance.
The study also found that 92% of respondents have AI installed on at least some local machines with access to SSH and encryption keys. Despite that level of exposure, only 32% of organisations globally said they were very confident they could regain control if AI exposed administrative credentials. Confidence varied sharply by geography, with 53% of U.S. organisations expressing confidence, compared with 12% in France.
“The accelerated use of AI is introducing a bevy of new agents – each with its own non-human identity (NHI) – throughout global enterprises and many companies are just way too optimistic about their ability to recover their identity infrastructure following a breach, even as they expand this landscape of NHIs,” said Alex Weinert, Chief Product Officer at Semperis.
Semperis reported that 29% of surveyed organisations already use AI agents to manage security-related help desk tickets, while a further 65% intend to do so within the next year. Only 65% said AI identities are fully registered, authenticated, and authorised in a formal system, and 6% said they do not track them at all.
Identity recovery becomes more complex when AI agents can reset credentials, approve access, or interact with privileged environments. Without clear registration, authentication, authorisation, and monitoring, organisations risk losing visibility over the accounts and agents that control core security infrastructure.
“The pattern of global organisations overestimating how quickly they can recover from a cyberattack is real, especially when identity is within the blast radius. On paper, organisations have plans and backups; in practice, identity failures turn technical incidents into prolonged business crises, exposing a dangerous gap between perceived resilience and reality,” said Chris Inglis, the first U.S. National Cyber Director and Semperis Strategic Advisor.
Semperis said best-practice controls include treating agents explicitly as non-human identities, applying least-privilege and just-in-time access, separating agent and human trust boundaries where appropriate, and using behavioural analytics to detect anomalous or dormant agent activity. The company has made the full AI identity security study available online.
