The Ungoverned Workforce: Cybersecurity Insiders Finds 92% Lack Visibility Into AI Identities

Home Press Release The Ungoverned Workforce: Cybersecurity Insiders Finds 92% Lack Visibility Into AI Identities Washington D.C., USA, April 21st, 2026, CyberNewswire Cybersecurity Insiders, in collaboration with Saviynt, has released new research indicating that AI identities are increasingly operating within core enterprise systems, often without established governance or visibility. The study finds that while 71% of CISOs and senior security leaders confirm AI tools have access to core systems such as Salesforce and SAP, only 16% report that this access is governed effectively. The research highlights a significant visibility gap regarding non-human identities. According to the data, 92% of respondents lack full visibility into AI identities, and 95% expressed doubt in their ability to detect or contain misuse should it occur. Additionally, 75% of surveyed organizations have already identified unsanctioned AI tools running within their environments. The findings suggest that enterprises are managing a new class of non-human identities that differ from traditional employee service-account models. These AI systems can invoke APIs, hold persistent credentials, and operate across applications with limited human oversight, creating a gap between system access and corporate accountability. “This is no longer a future-state problem,” said Holger Schulze, founder of Cybersecurity Insiders. “AI already has access to business-critical systems, often with more autonomy and less oversight than any security team would knowingly approve. If organizations cannot identify those accounts, understand their privileges, and enforce policy around them, they do not really control the environments those systems operate in.” Current enforcement of formal access policies remains low, with 86% of respondents stating they do not enforce such policies for AI identities. Furthermore, only 5% of security leaders feel confident they could contain a compromised AI agent. The report concludes that as AI continues to integrate into SaaS and cloud workflows, the focus for CISOs must shift toward continuous discovery, classification, and monitoring of machine identities to maintain security standards. To download the full report: https://www.cybersecurity-insiders.com/portfolio/2026-ciso-ai-risk-report-saviynt/ About Cybersecurity Insiders Cybersecurity Insiders provides independent research and analysis focused on the operational reality of enterprise cybersecurity. We gather insights from senior security and IT leaders to examine how high-level strategies translate into day-to-day execution. Our analysis identifies the measurable gaps between intended strategy and actual risk exposure, offering a credible, data-driven foundation for security decision-making and industry benchmarking. More: https://cybersecurity-insiders.com Contact Founder Holger Schulze Cybersecuity Insiders info@cybersecurity-insiders.com RELATED ARTICLESMORE FROM AUTHOR Press Release Security Risk Advisors Purple Team Participants Can Now Earn CPE Credits Press Release Mallory Launches AI-Native Threat Intelligence Platform, Turning Global Threat Data Into Prioritized Action Press Release Cybersecurity Firm TAC Security Hits 10,000 Clients, Enters Top 5 in Global VM & AppSec Top 10 Top 10 Best User Access Management Tools in 2026 April 4, 2026 Top 10 Best VPN For Chrome in 2026 April 4, 2026 20 Best Application Performance Monitoring Tools in 2026 April 3, 2026 Top 10 Best VPN For Linux In 2026 April 3, 2026 10 Best VPN For Privacy In 2026 April 2, 2026