.png)
Permiso Research Finds Up to 75% of Security Incidents Are Identity-Related, Highlighting New AI-Driven Risk
%20(2).png)
Hear Ye, Hear Ye
Subscribe to Cloud Chronicles for the latest in cloud security!
Survey of 500+ Security & Identity Professionals Shows Dramatic 47-Point Drop in Visibility Confidence as 91% Expect Explosive Growth in AI-Generated Identities in 2026
PALO ALTO, Calif. – January 21, 2026 – Identity-based attacks have become the dominant threat vector, with 77% of organizations reporting that identity compromise now accounts for up to 75% of all security incidents, according to Permiso’s 2026 State of Identity Security Report, released today.
The report reveals a troubling disconnect: while 95% of organizations express confidence in tracking non-human identities like service accounts and API keys, only 43% can proactively detect identity-based risks before incidents occur. Even more striking, less than half of organizations (46%) claimed they had comprehensive visibility into all of the identities in their environment, a stark 47% drop over the previous year's responses (93%).
Testimonials
“Organizations are finally being honest about what they can't see. The 47-point drop isn't a collapse in capability, but rather a lack in having real-time visibility into what identities are actually doing. You can't detect what you can't see, and the answer to this major issue is simple: unified visibility.”
Jason Martin
Co-CEO at Permiso SecurityMost Incidents Are Preventable, Yet Still Happening
The research reveals a stark reality: 71% of organizations believe better identity visibility could have prevented a quarter to three quarters of their security incidents. Organizations know the solution exists but can't implement it. Despite this awareness, 44% cite security breaches as the primary business impact of limited visibility. When asked to rank their riskiest identity types, employees topped the list, and the SaaS environments where employees operate daily have the worst visibility of any platform.
AI Compounds the Crisis
The report highlights an emerging challenge: 95% of organizations say AI systems can now create or modify identities without traditional human oversight, and 91% expect AI-generated identities to increase in the next 12 months. Currently, 92% have AI agents accessing production data, with 39% reporting AI systems have access to 26-50% of their sensitive data.
The AI identity challenge reveals several critical pressure points:
- One quarter of organizations expect AI-generated identities to double or triple in the next year
- Only 9% expect no growth in AI-generated identities, indicating this is a universal challenge facing the industry
- 52% report AI identity creation happens consistently across all environments, not isolated to specific systems
Testimonials
“The challenge with AI agents isn't that they're accessing data. The challenge is that most organizations don't have visibility into which AI systems have access, what permissions they hold, or what they're doing with the data. These are non-human identities on steroids, with access patterns that traditional monitoring can't detect.”
Paul Nguyen
Co-CEO at Permiso SecurityThe Cost of Fragmentation
The operational impact is severe. Organizations use an average of 3-10 separate tools just for identity visibility, forcing security teams to spend 10-80 hours per week manually correlating data across platforms. For 60% of organizations, this translates to $31K-$125K in annual labor costs for work that unified platforms could automate.
The report found that only 23% of organizations can both detect threats quickly and determine blast radius within minutes. The remaining 77% face critical delays during incident response, giving attackers time to move laterally and exfiltrate data.
Testimonials
"When we talk to security teams drowning in manual correlation, they all describe the same pattern. They know which identities to investigate, but by the time they've pulled logs from five different systems, mapped the identity across three different formats, and reconstructed the timeline, the incident has evolved. They're always responding to yesterday's attack.”
Ian Ahl
CTO at Permiso SecurityMarket Responds with Record Investment
Because of these challenges, nearly 90% of organizations plan to increase identity security investment in 2026, with 38% planning increases over 30%. Additionally, detection speeds have improved, with 79% now detecting threats within 24 hours, an increase from 61% in 2024.
The survey of 512 organizations worldwide represents the second annual benchmark, providing year-over-year trend analysis across cloud infrastructure, identity management practices, and threat detection capabilities. When asked what capabilities would most improve their security posture, organizations prioritized real-time threat detection and unified cross-platform visibility over additional point solutions.
The full report, including detailed methodology and analytical frameworks, is available at Permiso State of Identity Security Report 2026.
About Permiso
Permiso is the leading cloud identity security platform that helps organizations discover, protect, and defend against identity threats across multi-cloud and hybrid environments. The company's innovative approach combines static configuration data with runtime intelligence to provide comprehensive visibility into human identities, non-human identities, vendor accounts, and now AI identities. Trusted by multiple Fortune 500 companies and some of the Las Vegas Strip's premier resorts and casinos, Permiso enables organizations to secure their identity fabric across the full spectrum of modern computing environments.
For more information about Permiso and its AI security capabilities, explore our solutions or request a demo at hello@permiso.io
.png?width=767&name=(970x250).png)
