SYDNEY, AUSTRALIA – September, 2025 – Delinea, a pioneering provider of solutions for securing human and machine identities through centralised authorisation, today published new research on the impact of artificial intelligence in reshaping identity security.
According to the report, “AI in Identity Security Demands a New Playbook,” only 28% of Australian organisations say they are fully equipped to secure AI, far below the 44% global average – despite widespread confidence in their capabilities. Based on a survey of over 1,700 worldwide, the report also reveals a significant gap between organisations’ confidence in securing AI tools and their actual capabilities.
In Australia, 87% of organisations believe their machine identity security can keep pace with AI-driven threats. Yet only 46% have full visibility into machine identities, with 16% admitting to no visibility at all – double the global figure of 8%. Fewer than half (45%) have governance in place for AI entities. With 73% of Australian operations already utilising agentic or generative AI, the lack of visibility leaves autonomous agents vulnerable to risks such as unchecked decisions and compromise by external threat actors.
“Agentic AI demands agentic security,” said Art Gilliland, CEO of Delinea. “Organisations must rethink how they approach identity, building adaptive, risk-aware systems that verify and secure every action, whether it’s human- or machine-driven. AI agents, in particular, require more granular and dynamic identity access controls than the traditional role-based approaches. More broadly, every organization must build out a comprehensive AI governance model to ensure that it’s being used securely and as intended.”
Further Australian findings from the report include:
-
AI usage in IT and security operations is widespread: In Australia, 90% of companies are using or piloting AI in IT operations, with 73% already applying generative or agentic AI. Notably, 25% actively use agentic AI to enhance security operations.
-
Shadow AI is a frequent challenge: 44% of respondents report encountering shadow AI issues at least once a month, with 21% admitting these occur multiple times per month, highlighting the challenge of unsanctioned AI usage.
-
AI identity security concerns: Organisations identified their most pressing concerns around AI in identity security:
-
-
AI-driven credential theft (46%)
-
AI-generated phishing and deep fakes (45%)
-
Agentic AI systems with unchecked access (42%)
-
Unsanctioned use of AI tools (40%)
-
Poor visibility into AI access workflows (28%)
-
-
Despite broad AI adoption, the report highlights a significant gap in AI governance across organisations in Australia. Just 55% of organisations have an acceptable use policy for AI tools, and only 51% have access controls for AI agents. Alarmingly, 38% admit to having no policies or controls at all to monitor AI tool access to sensitive data — significantly higher than the USA (22%), UK (20%) and Singapore (13%). But half remain optimistic that their security roadmaps will strengthen AI protections within the next two years. This lack of oversight leaves many organisations vulnerable to the risks posed by unsanctioned use and improperly managed AI technologies.
As AI continues to transform IT and security operations, organisations must prioritise robust identity governance and adaptive security controls to address emerging risks. To learn more about AI trends in identity security, including actionable steps for securing AI, download a copy of the report here.
About Delinea
Delinea is a pioneer in securing human and machine identities through intelligent, centralised authorisation, empowering organisations to seamlessly govern their interactions across the modern enterprise. Leveraging AI-powered intelligence, Delinea’s leading cloud-native Identity Security Platform applies context throughout the entire identity lifecycle – across cloud and traditional infrastructure, data, SaaS applications, and AI. It is the only platform that enables you to discover all identities – including workforce, IT administrator, developers, and machines – assign appropriate access levels, detect irregularities, and respond to threats in real-time. With deployment in weeks, not months, 90% fewer resources to manage than the nearest competitor, and a 99.995% uptime, the Delinea Platform delivers robust security and operational efficiency without complexity. Learn more about Delinea on LinkedIn, X, and YouTube.
