89% of IT Leaders Say Managing Identities Has Become a Major Challenge
Nearly nine in ten senior IT leaders struggle to manage the growing number of human and machine identities in their organizations, according to research from Keeper Security. The company surveyed 3,200 cybersecurity decision-makers across the U.S., Europe, Asia-Pacific and the Middle East.
The problem isn't new, but it's accelerating. Organizations now manage employees, contractors, third parties and machine accounts - each one a potential security entry point. As AI adoption spreads, the number of non-human identities multiplies faster than security tools can track.
Fragmented Tools Create Exploitable Gaps
96% of respondents reported that disconnected or poorly integrated security tools create exploitable gaps. Identity authority sits scattered across multiple systems with no single control center.
In the U.S., the problem feels more acute. 73% of American respondents cited fragmented tools as a vulnerability, compared with 63% globally. More than a third of U.S. organizations report attempted cyberattacks occurring daily or more frequently.
Detection Lags Behind the Threat
Most organizations can't detect credential misuse in real time. In 72% of companies, unauthorized privileged access goes unnoticed for hours, days or even weeks.
This detection gap matters because every unmanaged identity becomes a target. Attackers know which accounts organizations struggle to monitor.
AI Adoption Outpaces Governance
As companies deploy AI tools, new security blind spots emerge. 43% of respondents globally identified AI-related machine identity management as a top governance gap. That figure climbs to 51% in the U.S.
Employee use of AI tools poses a separate risk. 56% of respondents worry about staff inadvertently exposing sensitive information to AI systems. Among U.S. respondents, that concern rises to 67%.
Shadow AI - tools employees use without IT approval - creates additional blind spots. 42% of organizations lack visibility into which AI tools their workforce actually uses.
What This Means for Management
The research points to a fundamental mismatch: identity ecosystems have grown faster than the tools designed to secure them. Organizations need consolidated visibility across all identities, real-time detection of unauthorized access, and governance frameworks that account for both human and machine accounts.
For IT leaders and security managers, this means auditing current tooling for integration gaps and building policies around AI tool usage before shadow deployments expand the problem.
Learn more about identity security approaches from AI for Management or AI for Cybersecurity Analysts.
Your membership also unlocks:
