SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers
India
APAC firms struggle as AI identities swell, survey finds
Data Protection Digital Transformation PAM

APAC firms struggle as AI identities swell, survey finds

Fri, 8th May 2026 (Today)
Sean Mitchell
SEAN MITCHELL Publisher

Keeper Security has published survey findings showing that 94% of Asia-Pacific IT leaders struggle to manage a growing identity footprint, underscoring regional pressure from the expanding use of AI and machine identities.

The research surveyed 3,200 cybersecurity decision-makers and senior IT leaders across Asia-Pacific, the United States, Europe and the Middle East. It found that identity systems are expanding beyond employees and contractors to include service accounts, automated workflows and other non-human identities, even as many organisations still rely on fragmented security tools.

Across the global sample, 89% said managing identity growth was difficult. That rose to 94% in Asia-Pacific, where respondents also reported a sharper deterioration in the threat environment than in other regions covered by the study.

Nearly one in three APAC respondents, or 32%, said the threat landscape was much more challenging than a year earlier. The global average was 23%.

Detection gaps

The survey also highlighted delays in spotting suspicious activity. Globally, 72% of organisations said they could not detect credential misuse in real time, suggesting many still lack continuous oversight of privileged access and identity abuse.

In Asia-Pacific, 22% of organisations said they take days or longer to detect credential misuse or unauthorised privileged access. Another 48% said they detect such incidents within hours, while 28% said they can do so within minutes.

For a significant share of companies in the region, those figures suggest attackers may have a broad window to move through systems before security teams intervene. The study also found that 96% of organisations globally believe disconnected or poorly integrated security tools create exploitable gaps.

The findings point to a mismatch between the pace of identity growth and the controls used to manage it. Only 36% of organisations globally said they had fully deployed Privileged Access Management, despite broader concern about identity expansion and credential misuse.

AI pressure

AI adoption emerged as a major driver of digital identity growth. According to Keeper, AI agents, service accounts and automated processes are increasing the number of non-human identities inside organisations, creating governance challenges for security teams already dealing with fragmented systems.

More than half of APAC respondents, or 53%, identified AI-related non-human identity management and security as a leading identity governance gap, compared with 43% globally.

Concern about employee use of AI tools was also higher in the region than the global average. The study found that 62% of APAC respondents worried employees could inadvertently expose sensitive information to AI systems, compared with 56% across all regions surveyed.

A lack of visibility into which AI tools employees use remains another issue. Globally, 42% of organisations described that as a significant governance gap, while the figure in APAC was 47%.

These concerns are feeding into spending plans. Half of APAC respondents said they plan to prioritise investment in AI security tools over the next year, while 38% expect to invest in identity threat detection and response and 34% in privileged access management.

At the same time, 78% of APAC organisations said managing enterprise secrets and machine identities was challenging, suggesting many expect to spend more on identity controls while still struggling with basic visibility and administration.

Darren Guccione, Chief Executive Officer and Co-founder of Keeper Security, said the increase in machine accounts is changing the balance of identity risk inside organisations. "AI agents, service accounts and machine identities radically outnumber human users in many environments. Most organizations lack the capabilities in their current identity security stack to govern them. Every unmanaged identity is a prime target for attackers," he said.

He added: "Given the accelerated proliferation of AI and machine identities within enterprise infrastructure, the implementation of pervasive identity governance with real-time detection and least-privilege enforcement is essential."

Takanori Nishiyama, Senior Vice President, Asia-Pacific, at Keeper Security, said the regional data showed organisations were under pressure from rising identity volumes and limited oversight. "The data from Asia-Pacific tells a clear story: organisations across the region are managing more identities, in more environments, with more AI involvement - and the gap between what they govern and what they cannot see is growing," he said.

He added: "AI-related NHI risk is felt more sharply here than anywhere else in this study. Closing that gap requires a unified identity security platform that treats every AI agent, service account and machine identity as a governed, auditable entity."

Related stories
Check Point teams with Google Cloud on AI agent security
AI bots overwhelm identity controls in Australia & NZ
AI agents blur human access lines in enterprise systems
ExtraHop launches AI network visibility & governance tool
Netwrix boosts AI data governance for Microsoft Copilot
Top stories
Why trust is the bottleneck for AI-driven operations
AMD launches Instinct MI350P PCIe card for AI inference
Digital identity: How it powers APAC's fintech boom
AI linked to 83% of breaches, Gigamon survey finds
MTX appoints Sri Gazula as Global Growth Officer