Enterprises Now Manage 100× more machine Than Human Identities, AI Promise Outpaces Reality, and Vendor Complexity Drives Industry-Wide Consolidation Push
AUSTIN, Texas--(BUSINESS WIRE)--ManageEngine, a division of Zoho Corporation and a leading provider of enterprise IT management solutions, today released its Identity Security Outlook 2026 report. The report offers a forward-looking view into the trajectory of the identity security industry, the priorities of top executives in North America, and the philosophies and perspectives shaping IAM leadership today. The report reveals several facts relating to the surge of machine identities, uncertainty around AI adoption, and unsustainable vendor fragmentation. Together, these findings point to an inflection point for identity security, where scale, staffing constraints, and architectural sprawl are forcing organizations to rethink how identity is governed.
Non-Human Identities Are Now the Fastest-Growing Frontier in Identity Security
The survey reveals a stark finding on the explosive growth of non-human identities —such as service accounts, bots, certificates, agents, and LLMs— that power modern automation and cloud infrastructure. This proliferation has transformed identity security from a primarily workforce-focused discipline into one dominated by non-human accounts over which most organizations lack even basic visibility.
- The majority of organizations now manage machine identities that vastly outnumber human users, with ratios commonly exceeding 100:1 and some sectors approaching 500:1.
- While 80% of top leaders believe dormant or orphaned machine accounts are tracked, barely half of practitioners confirm it.
- Only 12% of organizations have achieved comprehensive automated life cycle management for machine identities. The remaining 88% rely on manual or ad-hoc processes that cannot scale with 100:1 ratio.
"The machine identity explosion represents identity security's next frontier," said Ramanathan Kannabiran, director of product management at ManageEngine. "When non-human identities outnumber humans by orders of magnitude, the likes of which we see today, traditional governance approaches collapse. Organizations must fundamentally rethink how they manage and secure these identities before the scale becomes completely unmanageable."
AI Adoption Trends Reveal Gap Between Expectation and Execution
The survey reveals that organizations increasingly view AI as a lifeline to address persistent skill shortages, hoping technology can bridge the expertise gap that hiring alone cannot fill. The research, however, uncovers a stark perception divide between leadership and operational teams.
- Nine in 10 organizations are piloting or using AI in IAM, yet only 7% have organization-wide deployment.
- One in five organizations cite IAM skill shortages and complexity as major challenges. The North American region shows increased reliance on AI augmentation as a way to bridge the expertise gap rather than restructuring toolsets.
- C-suites (68%) are bullish on AI for identity risk modelling and analytics; managers (27%) call it impractical.
Together, these findings suggest that AI adoption in IAM is widespread but shallow, with experimentation far outpacing operational maturity.
Consolidation Paves the Way Forward for Identity Security in 2026
The survey shows that operational strain is closely associated with an industry-wide move toward consolidation. Nearly all North American organizations report that they are either actively consolidating platforms or evaluating vendor unification. Simultaneously, the overwhelming majority of respondents indicate plans to maintain or increase identity security investment in 2026, suggesting that consolidation is occurring alongside sustained or growing budget allocation rather than budget contraction.
Practitioners primarily emphasize near-term operational needs, including improved integration, automation to manage workload volume, and increased visibility into machine identities as their investment priorities. Leaders place greater emphasis on longer-term investments, including unified platforms, AI-enabled capabilities, and formal governance frameworks designed to support future identity security scale.
- One in three organizations spend more time managing IAM vendors than managing privileged users. Nearly three in four organizations in the United States have a fragmented IAM stack.
- With 36% actively consolidating and another 46% evaluating, nearly the entire leadership tier is steering their organizations toward unified identity platforms.
- Identity challenges and investments are finally aligned, as the same pain points driving identity fatigue, including governance gaps (49%), compliance pressure (48%), and emerging identity complexities (46%), have become the top investment priorities for 2026.
"What we are witnessing is consolidation becoming the long-term norm for identity security, not just a response to today’s complexity,” said Kannabiran. “Organizations gain immediate relief through simpler vendor management, but the real value is long-term, which is the ability to govern machine identities at scale, deploy AI responsibly, and adapt to new threats without adding operational burden. True consolidation is not about stitching together acquired tools. It is about building a future-ready architecture where every component is designed to work coherently, with unified data models and a common policy framework that operate natively across the platform."
Survey Methodology
The study surveyed 515 senior identity and security professionals across the US and Canada in October 2025. More than half of the respondents were executive decision-makers holding director-level or C-suite roles, with the remainder comprising senior practitioners and mid-managers. Participants represented organizations generating over $100 million in annual revenue across sectors including finance, healthcare, technology, government, retail, manufacturing, and professional services.
The full report distills the most influential shifts in identity security and provides a detailed analysis of the forces reshaping IAM. For a deeper look at these dynamics, download the Identity Security Outlook 2026 here.
About PAM360
PAM360 is ManageEngine's unified PAM platform that helps IT teams enforce strict governance on access pathways to critical corporate assets. With a holistic approach to privileged access security, PAM360 caters to core PAM requirements and facilitates contextual integration with multiple other IT management tools, resulting in deeper insights, meaningful inferences, and quicker remedies. More than 5,000 global organizations and over one million administrators trust PAM360 with their PAM needs. To learn more about PAM360 and its enterprise-grade capabilities, please visit https://mnge.it/pam360.
About ManageEngine
ManageEngine is a division of Zoho Corporation and a leading provider of IT management solutions for organizations across the world. With a powerful, flexible, and AI-powered digital enterprise management platform, we help businesses get their work done from anywhere and everywhere—better, safer, and faster. To learn more, visit www.manageengine.com.
Contacts
Media Contact
Ahana Vissa
ManageEngine
ahana.g@manageengine.com
