The AI oversharing problem is becoming an identity crisis

by Black Hat Middle East and Africa

The first phase of enterprise AI security was all about oversharing. Staff uploaded confidential meeting notes into chatbots, while developers pasted source code into public models. Legal teams issued warnings. Security teams tried (often unsuccessfully) to contain shadow AI.

But now the most urgent concern is no longer humans sharing sensitive information with AI systems: the systems themselves have started accessing, moving and acting on sensitive data autonomously.

According to a recent report from Akeyless, 94% of organisations are already using AI agents, while 51% say those agents are now widely deployed across multiple business functions. More importantly, 83% say AI agents can access sensitive data.

That changes things. AI is moving from assistant to operator – and operators need permissions.

Organisations know the data problem is real

Both the data and our firsthand conversations with business leaders at Black Hat MEA tell us that in reality, most organisations already understand the risks. But they haven’t caught up operationally.

Another report from NTT DATA found that 96% of organisations fear privacy violations and misuse of customer data linked to AI and generative AI adoption. Meanwhile, 98% of C-suite leaders said a private AI environment (one that uses publicly non-trainable models to protect sensitive data and intellectual property) is now imperative.

There is growing recognition that enterprise AI can’t rely indefinitely on open, externally controlled environments for sensitive workloads.

And that’s where sovereign and private AI are entering the conversation.

At a high level, sovereign AI refers to AI systems operating within controlled environments that enforce data residency, governance and compliance requirements. In practice, that can mean:

  • Dedicated infrastructure
  • Tighter identity controls
  • Encrypted data pipelines
  • Models that don’t train on enterprise data

The appeal is obvious. Only 47% of organisations surveyed by NTT DATA said they were fully confident in their ability to meet AI sovereignty requirements. So everyone’s under pressure to figure out where AI can exist safely.

AI agents are creating a machine speed identity problem

Apart from deciding where data is held, the bigger issue here lies in who (or what) can access it.

The Akeyless report paints a worrying picture of AI-driven identity sprawl. Nearly seven in ten organisations use API keys to authenticate AI agents, while more than half still rely on static usernames and passwords. Only 44% said they know where all AI-agent credentials or secrets are stored.

It’s a visibility gap that everyone should care about – because AI agents are increasingly being trusted with operational access. According to research by Semperis, 93% of organisations already use – or plan to use – AI agents for sensitive security tasks such as password resets and VPN access. And 92% said AI is installed on at least some local machines with access to SSH and encryption keys.

The idea that AI could become another privileged identity layer is now very much a reality. And like every identity layer before it, it’s vulnerable to overpermissioning, poor credential hygiene, and weak governance.

We can already see the consequences. Akeyless found that 67% of organisations suspect AI agents have accessed data beyond their intended scope, while 61% have already revoked or rotated credentials following suspected exposure.

As Sarah Cecchetti from Semperis put it in the report: “AI agents can do anything,” and without disciplined controls, “you’re playing roulette”.

Sovereign AI could help – but it’s not a silver bullet

Sovereign AI could become an important part of the solution – because it gives organisations more control over where sensitive prompts, models and workflows operate.

But the research we’ve shared here also makes it clear that infrastructure alone is not enough.

A private AI environment doesn’t automatically solve weak identity controls, overprivileged agents, or poor visibility into machine credentials. In fact, only 7% of organisations in the Akeyless report believed their existing controls could stop a compromised or malicious AI agent, and only 13% believed they could detect one immediately.

That suggests the next phase of AI security will be heavily focused on containment.

The organisations that succeed with AI will be the ones that:

  • Treat AI agents as privileged non-human identities
  • Apply least-privilege access
  • Monitor credential use continuously
  • Build recovery plans for AI-driven compromise

Because once AI systems gain access to sensitive data and operational workflows, the problem isn’t just oversharing. It’s trust at machine speed.
