Adapting to AI agents, growing risks and perimeter focus -- identity predictions for 2026
Identity remains key to cybersecurity with stolen IDs opening the door to many attacks. And with the rise of AI agents and machine identities it isn’t just just humans that we have to worry about. Here’s what some leading industry figures think we can expect from the identity landscape in 2026.
Itamar Apelblat, CEO and co-founder of Token Security, thinks compliance frameworks will need to be rebuilt to account for AI agents. “Traditional compliance models were designed for human-centric workflows, and they are already breaking. Over the next year, frameworks will evolve to recognize AI agents as workforce identities with their own permissions, accountability requirements, and control expectations. Organizations that fail to adapt will fall out of step with regulators and customers.”
Identity systems will become the next national security priority, believes Kevin Albano, global head of X-Force Threat Intelligence at IBM. “With the explosion of AI and the rise of autonomous agents, identity is becoming the easiest -- and most high-risk -- entry point for attackers. Next year, expect a surge in identity-focused attacks as adversaries exploit gaps in how organizations manage and secure these systems. New attack surfaces are emerging through deepfakes, biometric voice spoofing, and model manipulation -- threats existing security frameworks were never designed to address. Given the sensitivity of AI-driven data and agentic workflows, identity will need to be treated as critical national infrastructure. This shift will require specialized threat-hunting capabilities, AI-specific protections, and infrastructure-level security controls to defend against increasingly sophisticated external attacks. Identity will no longer be just an access layer -- it will be a strategic security priority on par with networks and cloud."
Almog Apirion, CEO and co-founder of Cyolo, says:
AI is quickly becoming a dual threat to enterprises, especially in the industrial sector. Inside the organization, new AI tools create more autonomous processes and more access points, therefore increasing risk. And externally, attackers are using AI to find weaknesses faster and then scale attacks far beyond human capacity. With both internal AI-driven risks and external AI-powered threats expanding the OT attack surface, organizations must now defend against two converging fronts.
In 2026, strong IT/OT segmentation, Zero Trust access, and strict limits on lateral movement, identity-based controls for both humans and AI agents, and supervised access pathways will no longer be optional -- they will be required to keep critical systems safe and secure. These controls are essential for containing damage, enforcing accountability, and reducing exposure as AI becomes more deeply embedded in industrial operations.
AU10TIX CEO Yair Tal, thinks AI agents will mean identity shifts to verifying both the agent and the human behind it. “Until now digital agents and bots have been treated as threats to be blocked. But 2026 marks a new reality: agents will increasingly act on behalf of people making purchases, booking travel, submitting applications, executing workflows, and many of these agents will be legitimate. The challenge is no longer to eliminate agents, but to authenticate them and determine who is the human behind the agent. This creates a new trust paradigm where the goal is to differentiate between good bots and bad bots, and to validate agent behavior the same way we validate human behavior.”
Tim Burke, CEO of Quest Technology Management, says, “Credential theft and insider risks are growing exponentially. Multi-factor authentication, identity monitoring, and AI-augmented anomaly detection are no longer optional -- they’re essential defenses for any mid-market enterprise.”
“AI authenticity and supply chain integrity will overtake data confidentiality as the foremost concern in digital trust,” thinks Jason Sabin, CTO of DigiCert. “As autonomous agents proliferate, organizations will demand verifiable identity and provenance for every AI asset -- from training data to model outputs. Cryptographic signing, provenance tracking, and Model Context Protocol (MCP) will form the backbone of new governance frameworks that authenticate, sign, and monitor models throughout their lifecycle. Boards and regulators alike will prioritize provable AI accountability, driving adoption of PKI-based standards that make authenticity and traceability the defining measures of enterprise trust.”
Alex Vovk, CEO and co-founder of Action1, thinks, “2026 will see increased threat exploitation of identity systems, authentication bypass issues, MFA weaknesses, and exposed credentials. Credential theft and stolen access will remain major vectors. Due to the increase in "stealer" malware and credential-dumping campaigns in 2025, identity-centric vulnerabilities will remain a critical class of vulnerabilities.”
Peter Blanchard, document workflow security strategy principal at HP, says:
In 2026, we’ll see efforts within enterprise security shift from fragmented identity frameworks and perimeter-based controls to a unified, data-centric model. Today’s zero-trust implementations often create complexity and fatigue, with identity scattered across users, apps, and devices. This fragmentation leads to blind spots, inconsistent enforcement, and poor user experience. The next phase will prioritize consolidation: centralized identity orchestration that simplifies access, strengthens governance, and reduces operational risk.
At the same time, we’ll see security move from focusing on point of entry, to managing the custody of data throughout its lifecycle. Organizations will need visibility into where data originates, how it is used, and who has access -- even after it leaves their boundaries. Identity and policy will travel with the data, embedded through persistent controls, telemetry, and rich metadata. Dynamic permissions such as ‘can I share this?’ will evolve into continuous oversight, ensuring compliance online and offline.
Ian Gray, vice president of intelligence at Flashpoint, also thinks organizations need to focus on the identity perimeter. “The infostealer economy has fully industrialized the attack chain, making initial compromise a low-cost commodity. Multiple security incidents in 2025 tie back to credentials found in infostealer logs. This reality has underscored the critical importance of digital trust -- specifically, verifying who can access what resources. For 2026, identity is the perimeter to watch, and security teams must proactively hunt for compromised credentials before they’re weaponized.”
Craig Birch, technology evangelist and principal security engineer at Cayosoft, says, "Organizations will make identity hygiene a focal point of their AI strategy. Active Directory (AD) remains a long-term legacy stack across most organizations and protecting it will become a focal point of their AI strategy in 2026. As organizations adopt AI technologies to streamline internal processes and deliver more value to customers, it will force them to make identity hygiene a priority. Advancements in AI have already led to the speed and sophistication of identity attacks, reinforcing the reality that Active Directory and Entra ID will be at the center of the AI strategy. With no standardized protocols in place, organizations will apply controls to non-human identities and autonomous AI agents, including least privilege, short-lived credentials, key and secret rotation, and SSO enforcement. To avoid sins of the past becoming sins of the future, we’ll see organizations use same prompt driven checks that attackers use and policy automation to build intelligence to surface Microsoft identity weakness before rolling out an AI strategy across the business."
How do you see the identity landscape in 2026? Let us know in the comments.
Image credit: Milkos/depositphotos.com
