THE findings, published on 14 May 2026, show that the majority (93%) of global organizations use or plan to use AI agents for security tasks such as password resets and VPN access, according to Semperis. The security vendor polled 1100 organizations in the US, UK, France, Germany, Spain, Italy, Singapore and Australia to produce its State of Identity Security in the AI Era study.
At the same time, 92% of respondents admitted AI is installed on at least some local machines with access to SSH and encryption keys, further exposing them to security risk, and 74% agreed that AI will increase attacks on identity infrastructure. Despite these concerns, only a third (32%) said they were very confident they could regain control after an AI-driven credential exposure, according to Grace Cassy, partner at Ten Eleven Ventures. The report underscores the need for guardrails, observability and recovery readiness as organizations rapidly integrate AI into identity systems.