Permiso Research Finds Up to 75% of Security Incidents Are Identity-Related, Highlighting New AI-Driven Risk

Written by The Permiso Team | Jan 21, 2026 12:12:10 PM

Survey of 500+ Security & Identity Professionals Shows Dramatic 47-Point Drop in Visibility Confidence as 91% Expect Explosive Growth in AI-Generated Identities in 2026 

PALO ALTO, Calif. – January 21, 2026 – Identity-based attacks have become the dominant threat vector, with 77% of organizations reporting that identity compromise now accounts for up to 75% of all security incidents, according to Permiso’s 2026 State of Identity Security Report, released today.

The report reveals a troubling disconnect: while 95% of organizations express confidence in tracking non-human identities like service accounts and API keys, only 43% can proactively detect identity-based risks before incidents occur. Even more striking, fewer than half of organizations (46%) claimed they had comprehensive visibility into all of the identities in their environment, a stark 47-point drop from the previous year's responses (93%).

Most Incidents Are Preventable, Yet Still Happening

The research reveals a stark reality: 71% of organizations believe better identity visibility could have prevented a quarter to three quarters of their security incidents. Organizations know the solution exists but can't implement it. Despite this awareness, 44% cite security breaches as the primary business impact of limited visibility. When asked to rank their riskiest identity types, employees topped the list, and the SaaS environments where employees operate daily have the worst visibility of any platform.

AI Compounds the Crisis

The report highlights an emerging challenge: 95% of organizations say AI systems can now create or modify identities without traditional human oversight, and 91% expect AI-generated identities to increase in the next 12 months. Currently, 92% have AI agents accessing production data, with 39% reporting AI systems have access to 26-50% of their sensitive data.

The AI identity challenge reveals several critical pressure points:

  • One quarter of organizations expect AI-generated identities to double or triple in the next year
  • Only 9% expect no growth in AI-generated identities, indicating this is a universal challenge facing the industry
  • 52% report AI identity creation happens consistently across all environments, not isolated to specific systems

The Cost of Fragmentation

The operational impact is severe. Organizations use an average of 3-10 separate tools just for identity visibility, forcing security teams to spend 10-80 hours per week manually correlating data across platforms. For 60% of organizations, this translates to $31K-$125K in annual labor costs for work that unified platforms could automate.

The report found that only 23% of organizations can both detect threats quickly and determine blast radius within minutes. The remaining 77% face critical delays during incident response, giving attackers time to move laterally and exfiltrate data.

Market Responds with Record Investment

Because of these challenges, nearly 90% of organizations plan to increase identity security investment in 2026, with 38% planning increases over 30%. Additionally, detection speeds have improved, with 79% now detecting threats within 24 hours, an increase from 61% in 2024.

The survey of 512 organizations worldwide represents the second annual benchmark, providing year-over-year trend analysis across cloud infrastructure, identity management practices, and threat detection capabilities. When asked what capabilities would most improve their security posture, organizations prioritized real-time threat detection and unified cross-platform visibility over additional point solutions.

The full report, including detailed methodology and analytical frameworks, is available at Permiso State of Identity Security Report 2026.

About Permiso 

Permiso is the leading cloud identity security platform that helps organizations discover, protect, and defend against identity threats across multi-cloud and hybrid environments. The company's innovative approach combines static configuration data with runtime intelligence to provide comprehensive visibility into human identities, non-human identities, vendor accounts, and now AI identities. Trusted by multiple Fortune 500 companies and some of the Las Vegas Strip's premier resorts and casinos, Permiso enables organizations to secure their identity fabric across the full spectrum of modern computing environments.

For more information about Permiso and its AI security capabilities, explore our solutions or request a demo at hello@permiso.io