Tenable warns AI adoption is outpacing governance as cloud exposure risks surge

By Kirsten Doyle, May 15, 2026

A new report from Tenable is warning that organizations are creating what it describes as a growing “AI exposure gap,” as enterprises race to deploy AI tools and cloud-native services faster than security and governance teams can keep up. 

The “Cloud and AI Security Risk Report 2026” examined telemetry gathered from public cloud and enterprise environments between April and October 2025, with the AI-related data extending through December 2025. The findings revealed that many organizations were unknowingly expanding their attack surface through overprivileged AI identities, vulnerable third-party libraries, and forgotten cloud credentials.

The report also found that 18% of enterprises had overprivileged identities that AWS artificial intelligence services could assume immediately. According to the report, such identities hold broad administrative rights yet are never audited against a least-privilege policy.

The dormant privilege gap 

“The most dangerous gap is the ‘Dormant Privilege Gap.’ While organizations obsess over securing human logins with MFA, they are blind to the ‘keys to the kingdom’ held by AI agents and non-human identities (NHIs),” said Brinton Taylor, Senior Product Marketing Manager for Cloud and Identity at Tenable.

“Our 2026 research found that 52% of organizations possess NHIs with critical excessive permissions, making them a higher risk than their human counterparts (37%).” 

Taylor added that many organizations believe active monitoring is enough, despite the fact that “49% of identities holding critical-severity permissions are actually dormant, unused for 90 days or more.” 

“This creates a massive, silent attack surface,” he said. “In the race for AI integration, 18% of organizations have created overprivileged IAM roles that AWS AI services can instantly assume, effectively building a pre-cleared path for lateral movement that attackers don’t even have to engineer.” 

Supply chain risk 

Another emerging threat associated with AI usage was increased risk in the software supply chain. According to Tenable, 70% of companies had deployed third-party AI or Model Context Protocol (MCP) packages within their infrastructure. On top of that, 86% of organizations were running critical third-party code packages, while 13% of firms had adopted packages with a known history of exploitation.

Identity management is another issue. Over half of the companies (53%) had third-party identities that could assume permission levels considered dangerously high, effectively extending their security boundary to those third parties. Tenable found that 65% of firms had high-value resources exposed by forgotten cloud credentials, while 57% were running outdated, end-of-life technology.

Taylor said the next major breach is unlikely to stem from an advanced zero-day exploit, but rather from weaknesses organizations are already aware of but have failed to address. 

“The next breach will reveal that organizations prioritized velocity over hygiene, leaving a trail of ‘sitting duck’ workloads and unmanaged supply chain dependencies,” he said. “Boards are currently cheering for the ‘velocity boom’ of AI with 55% of organizations now using AI tools for active business. The problem is they are ignoring the ‘Infrastructure Debt’ it creates.”

Workload neglect, external over-trust 

According to Taylor, the fallout from a future incident will expose two critical failures: “Workload Neglect” and “External Over-trust.” 

“82% of organizations are currently running workloads with known, exploited critical CVEs,” he said. “53% of organizations have granted external accounts the ability to assume critical excessive permissions, tethering their security to the weakest link in their vendor chain. 

“When the exploit hits, the post-mortem won’t find a sophisticated new zero-day; it will find a “forgotten” credential (present in 65% of orgs) that allowed an attacker to walk through the front door.” 

Throughout, the report frames the problem as one of engineering speed outrunning governance maturity. According to Tenable, organizations continue to depend on disconnected security tools and remediation processes that fail to capture the dependencies between AI services, cloud workloads, identities, and data.

Rather than focusing solely on vulnerability counts, Tenable urges companies to adopt context-based exposure management practices that emphasize identity dependencies, access paths, workload exposure, and cross-cloud dependencies.
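As an added example (not Tenable's tooling or code from the report), the script below turns the report's three identity findings into a defender-side check over IAM role records: roles an AWS AI service can assume, roles that trust external accounts, and roles holding critical permissions that have sat unused past the 90-day threshold. It assumes a constructed account id, an assumed list of AWS AI service principals, and sample role records shaped like boto3 `list_roles()` output.

```python
# Added example (not Tenable's tooling): flag IAM roles for the report's three
# identity findings: roles an AWS AI service can assume, roles trusted to external
# accounts, and roles with critical permissions unused for 90+ days. Role dicts mimic
# boto3 iam.list_roles() output plus RoleLastUsed/AttachedPolicyNames; all constructed.
from datetime import datetime, timedelta, timezone
OWN_ACCOUNT = "111111111111"                                        # constructed id
AI_SERVICES = {"bedrock.amazonaws.com", "sagemaker.amazonaws.com"}  # assumed list
CRITICAL_POLICIES = {"AdministratorAccess", "IAMFullAccess"}        # AWS managed
DORMANT_DAYS = 90                                                   # report's threshold

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_external(arn):  # "*" or an AWS principal whose account id is not ours
    parts = arn.split(":")
    return arn == "*" or (len(parts) > 4 and parts[4] != OWN_ACCOUNT)

def classify_role(role, now):
    """Return the set of finding tags for one role dict."""
    findings = set()
    for st in role["AssumeRolePolicyDocument"].get("Statement", []):
        if st.get("Effect") != "Allow" or "sts:AssumeRole" not in _as_list(st.get("Action", [])):
            continue
        principal = {"AWS": "*"} if st.get("Principal") == "*" else st.get("Principal", {})
        for kind, values in principal.items():
            for value in _as_list(values):
                if kind == "Service" and value in AI_SERVICES:
                    findings.add("ai_service_assumable")
                elif kind == "AWS" and _is_external(value):
                    findings.add("external_account_trust")
    if CRITICAL_POLICIES & set(role.get("AttachedPolicyNames", [])):
        last = role.get("RoleLastUsed", {}).get("LastUsedDate")  # None means never used
        if last is None or now - last > timedelta(days=DORMANT_DAYS):
            findings.add("dormant_critical")
    return findings

def audit(roles, now=None):  # role name -> sorted finding tags ([] means clean)
    now = now or datetime.now(timezone.utc)
    return {r["RoleName"]: sorted(classify_role(r, now)) for r in roles}

NOW = datetime(2026, 5, 15, tzinfo=timezone.utc)
SAMPLE_ROLES = [  # constructed sample roles, not real data
    {"RoleName": "BedrockAgentRole", "AttachedPolicyNames": ["AdministratorAccess"],
     "AssumeRolePolicyDocument": {"Statement": [{"Effect": "Allow", "Action": "sts:AssumeRole",
                                                 "Principal": {"Service": "bedrock.amazonaws.com"}}]},
     "RoleLastUsed": {"LastUsedDate": NOW - timedelta(days=120)}},
    {"RoleName": "VendorSupportRole", "AttachedPolicyNames": ["ReadOnlyAccess"],
     "AssumeRolePolicyDocument": {"Statement": [{"Effect": "Allow", "Action": ["sts:AssumeRole"],
                                                 "Principal": {"AWS": "arn:aws:iam::222222222222:root"}}]},
     "RoleLastUsed": {"LastUsedDate": NOW - timedelta(days=3)}},
]
```

Against real data, feed it the `Roles` list from `iam.list_roles()` with each role's last-use date and attached policy names merged in; a role tagged with both `ai_service_assumable` and `dormant_critical` is exactly the pre-cleared lateral-movement path the report describes.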

Kirsten Doyle, Information Security Buzz News Editor

Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
