More than six in 10 firms track AI Identities; governance gaps remain
A survey found inconsistent controls as AI agents enter enterprise identity systems.
In Singapore, 64% of organisations say artificial intelligence (AI) identities are fully tracked, authenticated, and authorised within formal identity systems, whilst 5% do not track them at all, according to a survey by cybersecurity company Semperis.
The findings are part of a global study of 1,100 organisations examining how companies manage “non-human identities” (NHIs), which include AI agents that are granted access to enterprise systems.
The report said NHIs are increasingly being used in corporate environments as organisations deploy AI tools in internal workflows. These AI agents often require access to identity systems such as Active Directory, Entra ID, and Okta to perform tasks.
In Singapore, 56% of organisations use the same identity systems for both AI agents and human users, whilst 44% manage them through separate systems.
Semperis said the use of AI agents adds additional identity layers within enterprise environments, particularly where access is based on credentials.
It added that this increases the importance of maintaining consistent tracking, authentication, and governance over all identities, including non-human ones.