ConductorOne: AI Agent Identity Risks Escalating
A ConductorOne survey finds that 95% of enterprises now run AI agents autonomously. The report highlights widening governance gaps as AI agents are rapidly being put into operation.
ConductorOne's recent survey highlights a growing concern: AI agents, now widely deployed, pose escalating identity risks. These AI agents, operating autonomously in 95% of enterprises, are performing IT and security tasks, signaling a major shift in how businesses operate. This rapid adoption of AI agents introduces vulnerabilities that traditional security tools often can't handle. Risks include prompt injection, data leakage, model poisoning, and identity/token compromise. The rise of "shadow AI," or unauthorized agents, further complicates the landscape. Many organizations are struggling to manage the permissions and access rights of these non-human identities. A significant 47% report having more non-human identities than human users, yet only 22% have full visibility into them. This lack of visibility, combined with excessive privileges and limited auditability, creates a breeding ground for security breaches. To combat these rising threats, 91% of organizations have increased their IAM (Identity and Access Management) spending, recognizing identity security as a foundational control for autonomous systems. Enterprises are starting to implement stricter access controls, including role-based access control (RBAC) and the principle of least privilege, to limit unauthorized access for AI agents. ConductorOne, founded in 2020, offers an AI-native identity platform to address these challenges. Their platform aims to unify identity governance, access management, and privileged access management, providing a single solution for managing both human and non-human identities. The company has raised $111 million in funding to modernize identity security and simplify integration across fragmented systems. Enterprises are advised to treat AI agents like human users by implementing secure authentication methods and enforcing the principle of least privilege. Monitoring agent behavior and logging every action for accountability are also crucial steps in maintaining a secure AI environment.
