E70 - Identity Is Your Security Nerve Center

Posted on September 18, 2025
63% of enterprises remain in the lowest two identity maturity horizons. Less than 40% govern AI agent identities. SailPoint’s data tells the story.

By FIR Risk Advisory | Cybersecurity Fraud Intelligence

Weekly Risk Intelligence Brief  

Source: SailPoint — The Horizons of Identity Security 2025

The 30-Second Brief  

SailPoint surveyed 375 IAM decision-makers and the headline is sobering: 63% of enterprises remain in the lowest two maturity horizons — highly manual processes, limited automation, and fragmented visibility. Meanwhile, AI agents are becoming the fastest-growing identity type, and less than 40% of organizations govern them.

Identity isn’t just an access control mechanism anymore. It’s a detection and response layer. And most organizations aren’t ready.


The Maturity Reality Check  

North America Leads — But Not By Much  

Maturity Distribution (North America):

  • Horizon 1–2 (low maturity): 54%
  • Horizon 3 (digitalized, beginning automation): 32%
  • Horizon 4+ (advanced, AI-driven): 14%

North American organizations lead globally due to regulatory pressure and higher security investment. But here’s the uncomfortable detail: 4% of organizations actually regressed in 2025 as capability thresholds rose — especially around AI agent governance.

INTEL [TREND]: Over half of North American enterprises are still running identity programs with manual processes and fragmented visibility. If your organization is in Horizon 1–2, you’re in the majority — but that’s not a safe place to be. Benchmark your maturity and build a roadmap.


The Non-Human Identity Problem  

This is the section that should keep CISOs up at night.

  • Less than 40% of organizations currently govern AI agent identities
  • One-third of organizations expect 30%+ growth in non-human identities over 3–5 years
  • OWASP formally recognized non-human identities as a top 2025 cyber risk
  • Third-party identities (vendors, contractors, external workforce) remain inconsistently governed

Machine identities — service principals, API keys, AI agents, bots — are multiplying faster than human identities. And most organizations have no inventory, no lifecycle management, and no governance framework for them.

INTEL [VULNERABILITY]: Non-human identities are the fastest-growing and least-governed identity type in most enterprises. OWASP’s recognition of NHI as a top 2025 risk validates what the data shows — govern them now before growth makes it unmanageable.


AI as an Identity Force Multiplier  

The maturity gap creates a compounding advantage for organizations that invest:

  • Mature organizations (Horizon 3+) deploy agentic AI for identity operations at 2x the rate of others
  • These firms are 2.8x more likely to achieve cost savings from IAM
  • 70% more likely to see risk reduction from IAM investments
  • Advanced organizations use identity signals in ITDR (Identity Threat Detection & Response) at 4x higher adoption rates

INTEL [GLOBAL RECOMMENDATION]: Identity-integrated threat detection reduces containment time and prevents lateral movement. If your SIEM/SOAR doesn’t ingest identity signals today, it’s missing the highest-value telemetry available.


The Data Quality Problem  

Even advanced organizations are struggling here: 44% of advanced orgs still report poor data quality in their identity systems. And the downstream effects are severe:

  • 48% of IAM deployments exceed budget
  • 60% miss timelines
  • Application onboarding remains the bottleneck

Automation is the tipping point — but automation built on bad data just scales mistakes faster.

INTEL [SECTOR ALERT]: Data hygiene is the primary barrier to identity automation. Before investing in AI-driven identity tools, audit your data quality. Organizations optimizing identity data workflows are 90% more likely to see productivity gains.


The ROI Case  

IAM delivers the highest perceived ROI among security domains — outranking endpoint, data, cloud, and application security.

  • Organizations optimizing identity data workflows are 90% more likely to see productivity gains
  • Mature programs achieve 10x+ ROI when accounting for cost reduction, productivity, and reduced compliance penalties
  • Identity-integrated threat detection reduces containment time and prevents lateral movement

This is your board-level justification. Identity isn’t a cost center — it’s the highest-returning security investment available.


What CISOs Should Do Now  

  1. Benchmark maturity levels against SailPoint’s Horizons framework to prioritize investments
  2. Govern non-human identities immediately — inventory machine identities, AI agents, and service accounts before growth accelerates
  3. Normalize identity data to unlock automation capabilities — bad data blocks every downstream initiative
  4. Integrate identity signals into SecOps and SIEM/SOAR platforms for real-time threat detection
  5. Justify funding using ROI and productivity benchmarks — this is the easiest security investment to defend at the board level

The Bottom Line  

“Identity has moved from an access gate to a security nerve center. CISOs that get ahead on identity visibility, AI governance, and automation will reduce risk, boost resilience, and unlock enterprise agility.”

That’s not aspiration. That’s the data talking.

