Over-Privileged AI Drives 4.5 Times Higher Incident Rates
Over-Privileged AI Drives 4.5 Times Higher Incident Rates
https://www.infosecurity-magazine.com/news/overprivileged-ai-45-times-higher/
Publish Date: 2026-02-17 08:00:00
Source Domain: www.infosecurity-magazine.com
A majority (69%) of security leaders agree that identity management needs to evolve in order to handle mounting risks in AI infrastructure deployments, according to a new report from Teleport.
The security vendor polled over 200 US infrastructure security leaders to compile its latest report: 2026 State of AI in Enterprise Infrastructure Security.
It defined “AI in infrastructure” as AI-powered workloads, agentic systems, machine-to-machine communication, ChatOps, compliance automation, and incident detection.
The report found that while most respondents are seeing benefits from deploying AI in these use cases, such as improving incident investigation time (66%), documentation quality (71%) and engineering output (65%), a majority (85%) are also worried about the risks.
This is based on real experience rather than hypothetical concerns: a third (35%) confirmed at least one AI-related incident and a further 24% suspect one may have occurred.
The Problem with AI and Identity
A major cause of risk highlighted in the report is identity related. Nearly three-quarters (70%) of respondents said their AI systems have more access rights than a human in the same role would get.
A fifth (19%) said they get “significantly more.”
It is this access which appears to be a predictor of trouble. Organizations with over-privileged AI have a 76% incident rate, whereas those with least-privilege controls put the figure at 17%. It means that those without least-privilege controls are around 4.5 times more likely to encounter security issues.
“This is the single most predictive factor for AI-related incidents that we found – more predictive than the industry, maturity level, or stated confidence,” the report noted.
Teleport claimed that static credentials like passwords, API keys, and long-lived tokens are to blame for the over-privileging of AI systems. Incident rates for organizations with a high reliance on static credentials stood at 67%, versus 47% for…
