The AI Agent Identity Crisis: New Research Reveals a Governance Gap

Key Takeaways

• Enterprises can’t move AI agents from pilot to production because identity governance isn’t there yet. Teams are sharing human credentials and access tokens with agents because no alternative exists for securing identity within autonomous workflows.
• Most security leaders don’t trust their IAM to manage agents. Only 18% expressed high confidence that their current identity systems can effectively handle agent identities.
• Agent identity has no clear owner. Just 23% of organizations have a formal, enterprise-wide strategy for agent identity management. Responsibility is split across teams, and less than half feel they could pass a compliance review focused on agent behavior.
• Security risks are real enough to open budgets. 55% of respondents cited sensitive data exposure as a top concern, and 40% of organizations are increasing their identity and security budgets specifically to address AI agent risks.
• Static credentials and siloed policy enforcement can’t keep up with autonomous agents. Agents operate continuously, make runtime decisions, and span multiple platforms simultaneously. The traditional IAM playbook was never built for that.

When we commissioned the Cloud Security Alliance to survey 285 IT and security professionals about how they’re managing AI agents, we expected to find some challenges. What we discovered was a full-blown identity crisis-one that’s unfolding right now as organizations struggle to find ways to confidently move their agentic programs from experimentation into production. Teams continue to share human credentials and access tokens with agentic users  in the absence of an alternative solution for securing identity within autonomous workflows. It’s no wonder AI programs are stalling out and failing to generate measurable impact on the bottom line.

The Scale-Up is Already Happening

Agents aren’t staying in neat, controlled environments. They’re running across public clouds (66%), on-premises systems (37%), and private clouds (36%), with 38% operating in hybrid configurations that span multiple environments. Organizations are building with OpenAI (63%), Azure, Google, ServiceNow, and Anthropic, creating a distributed identity surface that traditional IAM systems were never designed to handle.

The Confidence Problem

Here’s an uncomfortable truth: only 18% of security leaders are highly confident their current IAM systems can effectively manage agent identities. The rest? They’re either moderately confident (35%), slightly confident (29%), or have little to no confidence at all (18%).

That lack of confidence shows up in the fundamentals. When we asked how agents are being authenticated, the answers revealed broad reliance on methods built for a different era of NHIs in tightly-controlled machine identity use cases: 44% use static API keys, 43% use username and password combinations, and 35% rely on shared service accounts. These are persistent, often unmonitored access pathways and exactly what you don’t want for autonomous systems operating 24/7 across multiple platforms.

The visibility gaps are even more concerning. Only 28% can reliably trace agent actions back to a human sponsor across all environments. Just 21% maintain a real-time inventory of active agents. Nearly 80% of organizations deploying autonomous AI cannot tell you, in real time, what those systems are doing or who’s responsible for them.

The Human Bottleneck

Without proper visibility and control, organizations are doing what they always do when they can’t trust their systems: they delay the move to production. While 68% rated human-in-the-loop (HITL) oversight as “essential” or “very important,” requiring human validation before agents can access sensitive data (69%), make system changes (68%), or approve financial transactions (62%), they don’t have a way to introduce out-of-band liveness checks and consent approvals. Without an architectural approach for integrating HITL checkpoints at policy-defined thresholds, AI agents are relegated to mundane low-risk projects that do little to move the needle on ROI.

The Ownership Vacuum

Only 23% of organizations have a formal, enterprise-wide strategy for agent identity management. Another 37% rely on informal practices-essentially making it up as they go. Ownership is fragmented across Security teams (39%), IT departments (32%), and emerging AI security functions (13%), with no clear accountability.

When we asked about audit readiness, the results were equally sobering. Less than half feel “somewhat confident” they could pass a compliance review focused on agent behavior. The majority simply cannot demonstrate proper control over their autonomous systems as mandated by corporate governance and regulatory measures.

Investment is Following Recognition

The good news? Organizations are waking up to the problem and putting real resources behind it. 40% are increasing their identity and security budgets specifically to address AI agent risks, while 34% have established dedicated budget lines for agent governance.

The top concerns driving these investments mirror the structural weaknesses we found: sensitive data exposure (55%), unauthorized actions (52%), credential misuse (45%), lack of identity standards (45%), and inability to discover or register agents (40%). Security leaders know what’s broken and they’re investing real dollars to fix it.

What This Means

The research makes one thing abundantly clear: the traditional IAM playbook doesn’t work for autonomous agents. Static credentials, over-permissioned tokens, and siloed policy enforcement cannot keep pace with entities that operate continuously, make runtime decisions, and span multiple platforms simultaneously. Even worse, they introduce unacceptable business risk and put seemingly unsolvable roadblocks in front of Agentic AI adoption.

Organizations that want to safely unlock the potential of agentic users need purpose-built identity infrastructure that provides AI Identity Gateways that act as policy enforcement points in front of critical resources and existing MCP servers. The new name of the game is dynamic authentication via OBO token exchange, runtime authorization, continuous traceability, and unified orchestration across every environment where agents operate.

The agentic era is already here. The question isn’t whether to adopt AI agents. The question is whether your identity infrastructure can support them securely as they scale.

Download the full report to explore the complete findings, including detailed breakdowns of authentication methods, authorization controls, traceability gaps, and governance strategies across industries and organization sizes.

Strata Identity commissioned the Cloud Security Alliance to conduct this survey in September and October 2025. The full report, “Securing Autonomous AI Agents,” is available now and can be downloaded HERE.