Recent research highlights a security challenge facing enterprises that are adopting AI. As organisations integrate AI into their infrastructure, gaps in identity and access control are creating potential security vulnerabilities.
According to research from Teleport, 92% of companies are deploying AI systems. Despite this high level of adoption, many organisations have not implemented comprehensive identity controls to match their AI deployment. Security leaders have noted that this gap may undermine operational efficiency gains.
The research indicates that AI systems often have broader access across infrastructure than human employees in similar roles. This risk increases as AI becomes more embedded in enterprise operations.
Data from the study shows that organisations with over-privileged AI systems report a 76% incident rate, compared with a 17% rate among organisations that enforce least-privilege controls. The findings suggest that the level and type of access granted to AI systems — rather than technological complexity — plays a significant role in security outcomes.
The research also notes that AI systems can autonomously make infrastructure changes, in some cases without direct human oversight, which may increase exposure to security incidents.
Many organisations operate infrastructure environments that rely on static credentials and fragmented identity systems. These configurations can lead to duplicated service accounts and expanded credential sprawl, increasing the potential impact of a compromise.
Teleport’s findings highlight the potential value of a unified identity layer to help reduce permission sprawl and strengthen security controls. Such an approach aims to manage access more consistently across both human users and AI systems.
Recommended measures include replacing static credentials with dynamic authentication methods, applying least-privilege principles to both human and machine identities, and implementing governance mechanisms that monitor AI activity in real time.
The research underscores the importance of strengthening identity controls as AI adoption grows. Implementing structured access management practices may help organisations reduce risk and improve overall security posture.
