Sydney, Australia – March 20, 2026 – Delinea, a pioneering provider of solutions for securing human and machine identities through centralised authorisation, today published new research examining how rapid AI adoption is reshaping identity security risks for enterprises. According to the report “Uncovering the Hidden Risks of the AI Race,” 90% of Australian organisations pressure security teams to loosen identity controls to enable AI initiatives, despite significant gaps in AI identity discovery, monitoring, and privilege control. The report also reveals an AI security confidence paradox between organisations’ perceived readiness for AI and their actual capabilities to adopt it securely.

Based on a global survey of over 2,000 IT decision-makers actively using or piloting AI, and insights from the Delinea Labs research team on real-world cyber incidents, the report finds organisations struggling to maintain visibility and governance as AI-driven automation rapidly expands the number of identities in enterprise environments. Nearly 90% of Australian respondents report at least one identity visibility gap, with the largest gap (39%) tied to human identities in the general workforce. This contrasts with the global picture, where the biggest visibility gaps in most countries surveyed are found in machine and non-human identities (NHIs), including accounts used by AI agents. Respondents also said these discovery gaps are most likely to persist in AI-related environments (52%), occurring at nearly double the rate seen in legacy or on-premises systems (25%).

“The pressure to move fast on AI is real, but identity governance has not kept pace, which exposes enterprises to significant risk,” said Art Gilliland, CEO at Delinea. “As AI agents multiply across enterprise environments, these identities often have the least oversight. The organisations that will succeed in the AI era will be the ones that enforce real-time, contextual access across every human, machine, and agentic AI identity.”

Key Findings From the Report

• AI expansion is driving non-human identity risk: 41% of Australian organisations say AI expansion has been one of the top factors increasing NHI risk in the past 12 months, far surpassing increased automation and CI/CD velocity (23%) and growth in cloud-native workloads (28%).
• Limited visibility into privileged AI actions: 80% of Australian organisations say they are unable to always understand why an NHI performed a privileged action, highlighting major challenges with traceability and accountability for automated identities.
• Standing access remains the norm: 51% of Australian organisations report lacking viable alternatives to standing privileged access for NHIs and AI agents, increasing the risk that automated identities retain persistent permissions that could be exploited.

When Compared to the Rest of the World, Australian Organisations…

• Are the most likely to not use any form of validation for non-human or AI identities. 1 in 10 Australian organisations (10%) never validate NHI inventory against behavioural patterns, with only 29% validating this continuously. This is in contrast with 6% and 32% globally, respectively.
• Are amongst the least confident in explaining AI decision making. In the event that NHIs take privileged actions, only 59% of Australian organisations are always or often able to explain the scenario, significantly lower than that of their UK (68%) and US (69%) counterparts.

The AI Security Confidence Paradox

Despite clear governance gaps, many organisations remain confident in their readiness for AI adoption, highlighting a disconnect between perceived and actual security maturity. While 83% of Australian respondents say their identity security posture is ready to support AI-driven automation, 40% admit their identity governance around AI systems is deficient.

Organisations were also almost twice as likely to rate their ability to discover and govern identities in AI environments poorly, compared to legacy systems. Similarly, while 78% express confidence in discovering NHIs with access to production systems, fewer than three in ten organisations validate NHI or AI agent activity in real time to ensure discovery processes are working.

As AI agents begin accessing critical infrastructure and enterprise data, organisations need stronger ways to discover all identities, manage privileges, and audit activity across humans, machines, and AI agents. Delinea delivers a unified approach by combining cryptographic identity, contextual access controls, JIT runtime authorisation, and full session visibility to ensure AI-driven automation operates securely and transparently. By providing a single access experience across infrastructure with built-in auditing and least-privilege enforcement, Delinea enables organisations to adopt AI without introducing unmanaged access risk.

To learn more about how organisations can manage identity risks introduced by AI-driven automation, download a copy of the report here

About Delinea

Delinea is a pioneer in securing human and machine identities through intelligent, centralised authorisation, empowering organizations to seamlessly govern their interactions across the modern enterprise. Leveraging AI-powered intelligence, Delinea’s leading cloud-native Identity Security Platform applies context throughout the entire identity lifecycle – across cloud and traditional infrastructure, data, SaaS applications, and AI. It is the only platform that enables you to discover all identities – including workforce, IT administrator, developers, and machines – assign appropriate access levels, detect irregularities, and respond to threats in real-time. With deployment in weeks, not months, 90% fewer resources to manage than the nearest competitor, and a 99.995% uptime, the Delinea Platform delivers robust security and operational efficiency without complexity. Learn more about Delinea on LinkedIn, X, and YouTube.