The 2026 Infrastructure Identity Survey: State of AI Adoption

85% of security leaders are concerned about AI-related infrastructure risk.

59% of security leaders report having experienced or strongly suspect an AI-related security incident.

70% of security leaders say AI systems have more access than a human in the same role.

Enterprises deploying AI systems with excessive permissions experience 4.5x more security incidents than enterprises that enforce least-privilege controls.

Organizations with over-privileged AI systems have a 76% incident rate, compared to a 17% incident rate for organizations that limit AI to only the privileges needed for the task.

43% of organizations say AI makes infrastructure changes without human oversight at least monthly.

79% of organizations are evaluating or deploying agentic AI, yet only 13% of organizations feel highly prepared for it.

67% of organizations rely on static credentials for AI systems.

Only 3% of organizations have automated, machine-speed controls governing AI behavior.

92% of organizations have near-term AI initiatives in production infrastructure.

69% of security leaders agree identity management must fundamentally change to support AI safely.

Organizations most confident in their AI deployments experience more than twice the incident rate of less confident peers.

7% of organizations don't know how often AI is making autonomous infrastructure changes at all.

Relying on static credentials for AI systems correlates with a 20-percentage-point increase in incident rates.