{"id":4583,"date":"2026-02-21T18:38:09","date_gmt":"2026-02-21T18:38:09","guid":{"rendered":"http:\/\/ft365.org\/index.php\/2026\/02\/21\/over-privileged-ai-drives-4-5-times-higher-incident-rates\/"},"modified":"2026-02-21T18:38:09","modified_gmt":"2026-02-21T18:38:09","slug":"over-privileged-ai-drives-4-5-times-higher-incident-rates","status":"publish","type":"post","link":"https:\/\/ft365.org\/index.php\/2026\/02\/21\/over-privileged-ai-drives-4-5-times-higher-incident-rates\/","title":{"rendered":"Over-Privileged AI Drives 4.5 Times Higher Incident Rates"},"content":{"rendered":"
\n

\"Photo<\/p>\n<\/div>\n

\n

A majority (69%) of security leaders agree that identity management needs to evolve in order to handle mounting risks in AI infrastructure deployments, according to a new report from Teleport.<\/p>\n

The security vendor polled over 200 US infrastructure security leaders to compile its latest report: 2026 State of AI in Enterprise Infrastructure Security.<\/em><\/p>\n

It defined \u201cAI in infrastructure\u201d as AI-powered workloads, agentic systems, machine-to-machine communication, ChatOps, compliance automation, and incident detection.<\/p>\n

The report found that while most respondents are seeing benefits from deploying AI in these use cases, such as improving incident investigation time (66%), documentation quality (71%) and engineering output (65%), a majority (85%) are also worried about the risks.<\/p>\n

This is based on real experience rather than hypothetical concerns: a third (35%) confirmed at least one AI-related incident and a further 24% suspect one may have occurred.<\/p>\n

The Problem with AI and Identity<\/strong><\/h2>\n

A major cause of risk highlighted in the report is identity related. Nearly three-quarters (70%) of respondents said their AI systems have more access rights than a human in the same role would get.<\/p>\n

A fifth (19%) said they get \u201csignificantly more.\u201d<\/p>\n

It is this access which appears to be a predictor of trouble. Organizations with over-privileged AI have a 76% incident rate, whereas those with least-privilege controls put the figure at 17%. It means that those without least-privilege controls are around 4.5 times more likely to encounter security issues.<\/p>\n

\u201cThis is the single most predictive factor for AI-related incidents that we found \u2013 more predictive than the industry, maturity level, or stated confidence,\u201d the report noted.<\/p>\n

Teleport claimed that static credentials like passwords, API keys, and long-lived tokens are to blame for the over-privileging of AI systems. Incident rates for organizations with a high reliance on static credentials stood at 67%, versus 47% for those with a low reliance.<\/p>\n

Teleport CEO, Ev Kontsevoy, explained that the growing complexity of IT infrastructure is putting increasing pressure on identity management.<\/p>\n

\u201cMost organizations have more groups and roles than employees, for example. And deploying non-deterministically behaving agents on top of this mess comes with unpleasant consequences,\u201d he added. \u201cThe data is clear. It\u2019s not the AI that\u2019s unsafe. It\u2019s the access we\u2019re giving it.\u201d<\/p>\n

Time to Improve<\/strong><\/h2>\n

Unfortunately, few organizations seem to be prepared to improve the situation. A majority said they either had no “formal” governance controls in place (43%) or none at all (21%).<\/p>\n

To get back on the front foot against AI risk, Teleport recommended organizations to:<\/p>\n