The Non-Human Identity Crisis: Why Your Machine Identities Are Your Biggest Governance Gap


https://thehackernews.com/expert-insights/2026/05/the-non-human-identity-crisis-why-your.html

Publish Date: 2026-05-18 03:51:00

Source Domain: thehackernews.com

Identity sprawl, agentic AI risk, and the path to NHI governance maturity

When security leaders talk about identity risk, the conversation almost always centers on humans: privileged users, compromised accounts, insider threats. But for most enterprises, the greater risk has already shifted.

And it has nothing to do with your employees.

Non-human identities (NHIs) — service accounts, API keys, OAuth tokens, SSH keys, RPA bots, cloud workload credentials and AI agents — are the fastest-growing, least-governed attack surface in the modern enterprise. And the industry is beginning to reckon with what that means.

$4.88M

Global average cost of a data breach — IBM Cost of a Data Breach 2024

The scope of the problem

The numbers are striking. Research from Rubrik Zero Labs puts the NHI-to-human identity ratio at 45:1 in the modern enterprise. For cloud-native and DevOps environments, Entro Labs H1 2025 research puts that figure at 144:1.

These identities are not passive: they authenticate continuously, access sensitive systems and carry permissions that would be flagged immediately if a human account held them.

Yet most NHIs exist in a governance vacuum:

  • 8% of enterprise identities have no owner in HR systems — the creator left, but the account and its full access remain.
  • 47% of NHIs are more than one year old with no credential rotation.
  • Two thirds of enterprises have suffered a breach via a compromised NHI, per recent industry data.

The threat is not theoretical. A single stolen token from a CI/CD log, a support export or a partner email can fan out across CRM, storage and production environments, with cloned tokens and background jobs operating invisibly while no alerts fire. Logs split between your SIEM and the provider’s system, and attribution becomes a months-long exercise in shared-responsibility finger-pointing.
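The two governance gaps listed above (identities with no living owner, and credentials that have not been rotated in over a year) are both things an inventory can surface before a stolen token does. The following is an added example, not code from the article or from One Identity; it audits a small, constructed NHI inventory against a constructed HR roster and flags each identity that is ownerless, stale, or both. The record fields, the roster, the 365-day threshold and the `as_of` date are all assumptions chosen for the illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional

# Assumed policy: a credential older than this with no rotation is "stale".
STALE_AFTER_DAYS = 365


@dataclass
class Nhi:
    """One non-human identity as it might appear in an inventory export (hypothetical schema)."""
    name: str
    kind: str                      # service_account, api_key, ssh_key, oauth_token, rpa_bot, ai_agent
    owner: Optional[str]           # HR user id of the responsible human, or None
    created: date
    last_rotated: Optional[date]   # None means the credential has never been rotated


# Constructed HR roster: only people still employed appear here.
HR_ROSTER = {"alice", "bob", "carol"}

# Constructed inventory covering the cases the article describes.
SAMPLE_INVENTORY: List[Nhi] = [
    Nhi("svc-ci-deploy", "service_account", "alice", date(2024, 1, 10), date(2025, 9, 1)),
    Nhi("api-key-crm-export", "api_key", None, date(2023, 3, 5), None),
    Nhi("ssh-backup-host", "ssh_key", "bob", date(2024, 11, 20), None),
    Nhi("oauth-token-bot", "oauth_token", None, date(2026, 2, 1), date(2026, 2, 1)),
    Nhi("agent-support-llm", "ai_agent", "carol", date(2026, 3, 15), date(2026, 3, 15)),
    Nhi("rpa-invoice-bot", "rpa_bot", "dave", date(2025, 12, 1), date(2026, 4, 1)),  # dave has left
]

AS_OF = date(2026, 5, 18)  # assumed audit date


def rotation_age_days(nhi: Nhi, today: date) -> int:
    """Days since the credential was last rotated; a never-rotated credential ages from creation."""
    anchor = nhi.last_rotated if nhi.last_rotated is not None else nhi.created
    return (today - anchor).days


def is_ownerless(nhi: Nhi, roster: set) -> bool:
    """No owner recorded, or the recorded owner is no longer in HR (creator left, access remained)."""
    return nhi.owner is None or nhi.owner not in roster


def is_stale(nhi: Nhi, today: date) -> bool:
    return rotation_age_days(nhi, today) > STALE_AFTER_DAYS


def audit(inventory: List[Nhi], roster: set, today: date) -> Dict[str, object]:
    """Return the flagged identities and the share of the inventory each gap affects."""
    ownerless = [n.name for n in inventory if is_ownerless(n, roster)]
    stale = [n.name for n in inventory if is_stale(n, today)]
    both = sorted(set(ownerless) & set(stale))  # highest priority: nobody to ask, old secret
    total = len(inventory)
    return {
        "total": total,
        "ownerless": ownerless,
        "stale": stale,
        "ownerless_and_stale": both,
        "ownerless_pct": round(100.0 * len(ownerless) / total, 1) if total else 0.0,
        "stale_pct": round(100.0 * len(stale) / total, 1) if total else 0.0,
    }


if __name__ == "__main__":
    report = audit(SAMPLE_INVENTORY, HR_ROSTER, AS_OF)
    print(f"{report['total']} identities audited as of {AS_OF}")
    print(f"ownerless: {report['ownerless_pct']}%  {report['ownerless']}")
    print(f"stale (>{STALE_AFTER_DAYS}d): {report['stale_pct']}%  {report['stale']}")
    print(f"fix first: {report['ownerless_and_stale']}")
```

Checking the owner against the current roster rather than only for an empty field is what catches the "creator left" case the article describes; the `ownerless_and_stale` list is where remediation should start, because those credentials have both no accountable human and the longest exposure window if one copy has leaked.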

Actionable insights on NHIs: The hidden costs, agentic AI risk under control

Join experts from One Identity and GigaOm to learn how…
