Non-human identities such as service accounts, API keys, OAuth tokens, and AI agents are now the fastest-growing and least-governed attack surface in the enterprise, creating major security, compliance, and breach risks. The article argues that mature governance must go beyond vaulting secrets and include ownership, lifecycle management, least privilege, and continuous auditability for identities like those discussed by One Identity and GigaOm. #OneIdentity #GigaOm #NHI #AIagents
Keypoints
- Non-human identities now outnumber human identities by a large margin.
- Many NHIs lack ownership, rotation, and proper lifecycle control.
- Compromised tokens can spread silently across multiple systems.
- Agentic AI increases risk by dynamically expanding access and actions.
- Mature governance requires policy enforcement, automation, and full audit coverage.
Read More: https://thehackernews.com/expert-insights/2026/05/the-non-human-identity-crisis-why-your.html