
Enterprises Are Racing Toward AI Agents While Their Identity Infrastructure Is Still Stuck in the Past

The future of enterprise security is supposed to be autonomous. AI agents negotiate contracts, move money, write code, and respond to incidents at machine speed. But according to a new industry survey, the foundation those agents depend on is still riddled with legacy systems that attackers already know how to exploit.


That tension sits at the center of The Identity Underground Annual Pulse 2026, a new report drawing on survey data and candid commentary from more than 150 identity security executives and practitioners. The findings reveal a widening disconnect between what leadership fears next and what security teams are fighting every day.


Executives overwhelmingly view AI-enhanced threats and AI agent governance as their top priority for 2026. More than half cite AI-driven attacks as their primary concern. Practitioners, however, report that the most common attacks they face are far more familiar. Credential stuffing and password spraying still dominate, precisely because they continue to work.


The contradiction is not theoretical. Eighty-two percent of organizations surveyed say legacy identity infrastructure is actively creating security risk today. NTLM authentication, a decades-old challenge-response protocol that never authenticates the server and uses the NT password hash itself as the secret, so that a stolen hash can be replayed (pass-the-hash) or a live exchange relayed to another host, remains widespread and continues to enable lateral movement inside corporate networks. Attackers do not need cutting-edge AI when valid credentials grant them easy access.
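The first step in retiring NTLM is finding out who still uses it. The following script is an added example, not part of the report or any vendor's tooling: it runs over a handful of constructed records shaped like Windows Security Event ID 4624 (successful logon) fields as a log forwarder would export them, and reports which accounts and source hosts still authenticate with NTLM, which of them negotiate NTLMv1, and which single clients reach several servers over NTLM. Host names, account names and addresses are made up.

```python
"""Flag live NTLM authentication in Windows 4624 logon events (added example)."""
from collections import Counter

# Constructed sample records. Field names follow the 4624 event schema:
# LogonType, AuthenticationPackageName (Kerberos/NTLM/Negotiate), and
# LmPackageName, which Windows fills only when NTLM was used ("NTLM V1" / "NTLM V2").
SAMPLE_EVENTS = [
    {"TimeCreated": "2026-02-03T08:01:12Z", "Computer": "FS01", "TargetUserName": "alice",
     "TargetDomainName": "CORP", "LogonType": 3, "AuthenticationPackageName": "Kerberos",
     "LmPackageName": "-", "IpAddress": "10.0.5.21"},
    {"TimeCreated": "2026-02-03T08:02:40Z", "Computer": "FS01", "TargetUserName": "svc-backup",
     "TargetDomainName": "CORP", "LogonType": 3, "AuthenticationPackageName": "NTLM",
     "LmPackageName": "NTLM V2", "IpAddress": "10.0.5.77"},
    {"TimeCreated": "2026-02-03T08:03:05Z", "Computer": "APP07", "TargetUserName": "svc-legacy",
     "TargetDomainName": "CORP", "LogonType": 3, "AuthenticationPackageName": "NTLM",
     "LmPackageName": "NTLM V1", "IpAddress": "10.0.9.14"},
    {"TimeCreated": "2026-02-03T08:03:09Z", "Computer": "APP08", "TargetUserName": "svc-legacy",
     "TargetDomainName": "CORP", "LogonType": 3, "AuthenticationPackageName": "NTLM",
     "LmPackageName": "NTLM V1", "IpAddress": "10.0.9.14"},
    {"TimeCreated": "2026-02-03T08:04:00Z", "Computer": "WS112", "TargetUserName": "bob",
     "TargetDomainName": "CORP", "LogonType": 2, "AuthenticationPackageName": "Negotiate",
     "LmPackageName": "-", "IpAddress": "127.0.0.1"},
    {"TimeCreated": "2026-02-03T08:05:30Z", "Computer": "FS01", "TargetUserName": "ANONYMOUS LOGON",
     "TargetDomainName": "NT AUTHORITY", "LogonType": 3, "AuthenticationPackageName": "NTLM",
     "LmPackageName": "NTLM V1", "IpAddress": "10.0.5.77"},
]

NETWORK_LOGON = 3  # LogonType 3: SMB, RPC and other remote connections, where NTLM relay happens


def is_ntlm(event):
    # 4624 records the package that actually ran. When Negotiate falls back to
    # NTLM the event already says "NTLM", so matching this field is sufficient.
    return event["AuthenticationPackageName"].upper() == "NTLM"


def is_anonymous(event):
    # Null-session (ANONYMOUS LOGON) events report "NTLM V1" regardless of the
    # LmCompatibilityLevel policy, so they must not be counted as NTLMv1 clients.
    return event["TargetUserName"].upper() == "ANONYMOUS LOGON"


def ntlm_report(events):
    """Summarise which accounts and sources still authenticate with NTLM."""
    by_package = Counter(e["AuthenticationPackageName"] for e in events)
    ntlm_events = [e for e in events if is_ntlm(e)]
    # NTLMv1 responses are DES-derived from the NT hash and are cheap to crack
    # or relay; whatever still negotiates it is the first thing to fix.
    v1 = [e for e in ntlm_events
          if e["LmPackageName"].upper() == "NTLM V1" and not is_anonymous(e)]
    # Source IP -> servers reached: one client authenticating to many hosts
    # over NTLM is the shape of lateral movement (or of a relay point).
    fanout = {}
    for e in ntlm_events:
        if e["LogonType"] == NETWORK_LOGON and not is_anonymous(e):
            fanout.setdefault(e["IpAddress"], set()).add(e["Computer"])
    accounts = Counter(e["TargetDomainName"] + "\\" + e["TargetUserName"] for e in ntlm_events)
    return {
        "by_package": dict(by_package),
        "ntlmv1_count": len(v1),
        "ntlm_accounts": dict(accounts),
        "multi_target_sources": {ip: sorted(h) for ip, h in fanout.items() if len(h) > 1},
    }


if __name__ == "__main__":
    for key, value in ntlm_report(SAMPLE_EVENTS).items():
        print(f"{key}: {value}")
```

On a real estate the same logic is run over 4624 events collected from member servers (and 4776 from domain controllers) over a few weeks; the `multi_target_sources` list is the one to walk through with application owners, because each entry is either a service that needs Kerberos configured or a host that is already being used to move laterally.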


The result is an industry trying to build for tomorrow while constantly patching yesterday.


The preparedness gap


Only 2.6 percent of executives say they feel very prepared for AI-based identity attacks. Yet nearly a third are already building AI governance frameworks, attempting to define how autonomous agents should authenticate, access data, and make decisions inside enterprise systems.


Practitioners see the gap more bluntly. When credentials are compromised, the attack path rarely changes. Stolen access leads to lateral movement, privilege escalation, and eventual control of high-value systems. The difference today is speed. Automation reduces the time attackers need to pivot, while defenders still rely heavily on manual correlation across identity providers, privileged access tools, governance platforms, and SIEMs.


That operational friction shows up during incidents. More than half of executives say poor integration between security tools is their biggest challenge in response. Identity teams become human APIs, manually stitching together logs and timelines while attackers continue to move.
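What that manual stitching looks like when automated, as an added example that is not from the report or from any of the tools it surveys: three constructed feeds (an IdP session log, a privileged-access vault's checkout log, and Windows logon events from a SIEM) use different timestamp formats and different spellings of the same person, so the script normalizes both, merges them into one per-account timeline, and looks for the sequence the text describes: a session start, a checkout of a privileged account, and a network logon as that account on some host, measuring how fast it happened. The feed formats, field names and the day-first date layout of the vault export are assumptions.

```python
"""Merge IdP, PAM and SIEM events into one identity timeline (added example)."""
from datetime import datetime, timezone

# Constructed feeds. Each uses its own timestamp format and identity spelling.
IDP_EVENTS = [  # Okta-style system log
    {"published": "2026-02-03T07:58:02.000Z", "actor": "alice@corp.example",
     "eventType": "user.session.start", "outcome": "FAILURE", "client_ip": "203.0.113.9"},
    {"published": "2026-02-03T07:58:05.000Z", "actor": "alice@corp.example",
     "eventType": "user.session.start", "outcome": "FAILURE", "client_ip": "203.0.113.9"},
    {"published": "2026-02-03T08:00:10.000Z", "actor": "alice@corp.example",
     "eventType": "user.session.start", "outcome": "SUCCESS", "client_ip": "203.0.113.9"},
    {"published": "2026-02-03T08:01:00.000Z", "actor": "carol@corp.example",
     "eventType": "user.session.start", "outcome": "SUCCESS", "client_ip": "10.0.1.5"},
]
PAM_EVENTS = [  # vault checkout log; assumed to export day/month/year local-free UTC times
    {"ts": "03/02/2026 08:06:40", "user": "CORP\\alice", "action": "checkout",
     "account": "CORP\\adm-sql"},
]
SIEM_EVENTS = [  # Windows 4624 as forwarded to the SIEM
    {"TimeCreated": "2026-02-03T08:09:02Z", "TargetUserName": "adm-sql", "TargetDomainName": "CORP",
     "Computer": "SQL01", "LogonType": 3, "IpAddress": "10.0.3.40"},
    {"TimeCreated": "2026-02-03T08:09:30Z", "TargetUserName": "carol", "TargetDomainName": "CORP",
     "Computer": "WS044", "LogonType": 2, "IpAddress": "127.0.0.1"},
]


def parse_ts(raw, fmt):
    """Parse a source-specific timestamp into an aware UTC datetime so feeds can be ordered."""
    return datetime.strptime(raw, fmt).replace(tzinfo=timezone.utc)


def who(principal):
    """Reduce 'CORP\\alice', 'alice@corp.example' and 'alice' to the same key."""
    return principal.split("\\")[-1].split("@")[0].lower()


def normalize(idp, pam, siem):
    """Flatten all three feeds into one record shape, sorted by time."""
    records = []
    for e in idp:
        records.append({"ts": parse_ts(e["published"], "%Y-%m-%dT%H:%M:%S.%fZ"), "source": "idp",
                        "subject": who(e["actor"]), "kind": "session." + e["outcome"].lower(),
                        "detail": e["client_ip"]})
    for e in pam:
        records.append({"ts": parse_ts(e["ts"], "%d/%m/%Y %H:%M:%S"), "source": "pam",
                        "subject": who(e["user"]), "kind": e["action"], "detail": who(e["account"])})
    for e in siem:
        records.append({"ts": parse_ts(e["TimeCreated"], "%Y-%m-%dT%H:%M:%SZ"), "source": "siem",
                        "subject": who(e["TargetUserName"]), "kind": f"logon.type{e['LogonType']}",
                        "detail": f"{e['Computer']} from {e['IpAddress']}"})
    return sorted(records, key=lambda r: r["ts"])


def timeline(records, user):
    """Everything done by the user, plus everything done by accounts they checked out."""
    user = user.lower()
    owned = {user}
    for r in records:
        if r["source"] == "pam" and r["subject"] == user and r["kind"] == "checkout":
            owned.add(r["detail"])
    return [r for r in records if r["subject"] in owned]


def privilege_chain(records, user, window_minutes=15):
    """Find session start -> vault checkout -> network logon as the checked-out account."""
    tl = timeline(records, user)
    session = checkout = logon = None
    for r in tl:
        if r["source"] == "idp" and r["kind"] == "session.success":
            session, checkout, logon = r, None, None  # each new session restarts the chain
        elif session and r["source"] == "pam" and r["kind"] == "checkout":
            checkout = r
        elif (checkout and r["source"] == "siem" and r["subject"] == checkout["detail"]
              and r["kind"] == "logon.type3"):
            logon = r
            break
    if not (session and checkout and logon):
        return None
    failures = sum(1 for r in tl if r["source"] == "idp"
                   and r["kind"] == "session.failure" and r["ts"] < session["ts"])
    elapsed = (logon["ts"] - session["ts"]).total_seconds()
    return {"user": user.lower(), "privileged_account": checkout["detail"], "host": logon["detail"],
            "failures_before_login": failures, "elapsed_seconds": elapsed,
            "fast": elapsed <= window_minutes * 60}


if __name__ == "__main__":
    recs = normalize(IDP_EVENTS, PAM_EVENTS, SIEM_EVENTS)
    for r in timeline(recs, "alice"):
        print(r["ts"].isoformat(), r["source"], r["subject"], r["kind"], r["detail"])
    print(privilege_chain(recs, "alice"))
```

The two details that usually cost an analyst the most time are visible in the code: the identity join (`who`) and the timestamp normalization, which here assumes the vault exports day-first dates in UTC. Get either wrong and the chain simply never lines up.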


Legacy is not going away quietly


Most organizations acknowledge the problem. Nearly 60 percent report gradual modernization strategies that run in parallel with existing infrastructure. Almost half wrap legacy systems in additional monitoring and controls. A smaller but growing group is accelerating replacement due to security risk.


Few believe wholesale replacement is realistic. Identity systems are deeply embedded in business processes, supply chains, and third-party relationships. Breaking them outright breaks work.


That reality creates a paradox. Multi-factor authentication coverage is now high across many enterprises, with over 30 percent reporting near universal deployment. Yet users increasingly complain that security controls interrupt legitimate work. Session timeouts, repeated prompts, and approval delays push people toward risky workarounds like password reuse.


Several respondents point to phishing-resistant MFA, passkeys, and passwordless authentication as a way out. Removing shared secrets reduces both attack success and user friction. But legacy systems that still require passwords slow adoption.


The rise of non-human identities


If human identities are difficult to manage, non-human identities are becoming unmanageable. Service accounts, API keys, cloud roles, bots, and AI agents now outnumber employees in many environments. Forty-five percent of executives cite lack of visibility into non-human identities as a major concern. Only 5 percent say they have a complete inventory.


Unlike employees, non-human identities do not change roles, request access, or leave the company cleanly. Credentials persist long after their creators move on. Third-party integrations multiply the problem, adding external identities that operate continuously and often invisibly.


Most organizations scan for exposed credentials in some form, but gaps remain common. Exposed secrets continue to be a reliable entry point for attackers.


Identity impersonation goes mainstream


Several contributors warn that impersonation attacks are accelerating. North Korean operatives posing as remote IT workers have infiltrated companies of every size, funneling salaries back to state programs. Criminal groups like Scattered Spider have used impersonation to launch devastating extortion campaigns, exploiting help desks and identity workflows rather than technical vulnerabilities.


Jeff Farinich, CISO at New American Funding, argues that identity verification has become a missing layer in most security programs.


“Verification is not bureaucracy. It is defense,” he said.


Yet adoption remains limited, even as AI tools make it easier to generate convincing fake identities and documents.


AI agents change the rules


The most forward-looking sections of the report focus on agentic AI. Unlike traditional software, AI agents act with autonomy, scale instantly, and lack human judgment or accountability. They inherit access, create sub-agents, and operate across systems faster than defenders can respond manually.


Susanne Senoff, CISO at PROS, frames the challenge as one of engineered trust rather than assumed trust. AI agents must be treated as digital employees with tightly scoped identities, dynamic permissions, and mandatory human approval for high-impact decisions.


“Trust in AI can’t be assumed. It must be engineered through careful design and continuous validation,” she said.


Investors agree the problem is real. Mark Kraynak of Acrew Capital argues that AI agents represent a third identity category alongside humans and machines, one that existing security models cannot fully address. The winners, he says, will be platforms that understand business context, not just access rules.
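The scoped, time-limited, approval-gated agent identity described above, as an added example; it is not code from the report, from PROS, or from any product mentioned here. A root agent can spawn sub-agents only with a subset of its own scopes and never with a longer lifetime; high-impact actions need a single-use approval recorded by a named human even when the scope is present; and revoking an ancestor cuts off every descendant. The action catalogue, scope names, thresholds and approver are hypothetical.

```python
"""Scope-attenuated, expiring agent identities with human approval gates (added example)."""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# Hypothetical action catalogue: the scope each action needs, and whether it is
# "high impact" (needs a recorded human approval regardless of scope).
ACTIONS = {
    "read:invoices":  {"scope": "invoices:read",  "high_impact": False},
    "write:invoices": {"scope": "invoices:write", "high_impact": False},
    "pay:vendor":     {"scope": "payments:send",  "high_impact": True},
    "deploy:prod":    {"scope": "deploy:prod",    "high_impact": True},
}


def now():
    return datetime.now(timezone.utc)


@dataclass
class AgentIdentity:
    name: str
    scopes: frozenset
    expires_at: datetime
    parent: "AgentIdentity | None" = None
    revoked: bool = False
    approvals: dict = field(default_factory=dict)  # action -> approver, consumed on use

    def spawn(self, name, scopes, ttl):
        """Create a sub-agent: scopes may only narrow, and it cannot outlive its parent."""
        requested = frozenset(scopes)
        if not requested <= self.scopes:
            extra = sorted(requested - self.scopes)
            raise PermissionError(f"{name}: requested scopes {extra} exceed parent")
        return AgentIdentity(name, requested, min(self.expires_at, now() + ttl), parent=self)


def record_approval(agent, action, approver):
    """A human approves one execution of one high-impact action for one agent."""
    agent.approvals[action] = approver


def authorize(agent, action, at=None):
    """Return (allowed, reason). Deny by default; every allow is explained."""
    at = at or now()
    spec = ACTIONS.get(action)
    if spec is None:
        return False, "unknown action"
    link = agent  # walk up the chain: a revoked or expired ancestor invalidates all descendants
    while link is not None:
        if link.revoked:
            return False, f"{link.name} revoked"
        if at >= link.expires_at:
            return False, f"{link.name} credential expired"
        link = link.parent
    if spec["scope"] not in agent.scopes:
        return False, f"missing scope {spec['scope']}"
    if spec["high_impact"]:
        approver = agent.approvals.pop(action, None)  # single use: no replay of an old approval
        if approver is None:
            return False, "high-impact action requires human approval"
        return True, f"approved by {approver}"
    return True, "in scope"


def demo():
    """Walk an orchestrator and one sub-agent through the checks; returns every decision."""
    root = AgentIdentity("finance-orchestrator",
                         frozenset({"invoices:read", "invoices:write", "payments:send"}),
                         now() + timedelta(hours=1))
    worker = root.spawn("invoice-reader", {"invoices:read"}, ttl=timedelta(minutes=10))
    results = {
        "worker_read": authorize(worker, "read:invoices"),
        "worker_write": authorize(worker, "write:invoices"),
        "pay_no_approval": authorize(root, "pay:vendor"),
    }
    record_approval(root, "pay:vendor", "cfo@corp.example")
    results["pay_approved"] = authorize(root, "pay:vendor")
    results["pay_replay"] = authorize(root, "pay:vendor")
    results["worker_expired"] = authorize(worker, "read:invoices", at=now() + timedelta(minutes=11))
    try:
        root.spawn("escalator", {"deploy:prod"}, ttl=timedelta(minutes=1))
        results["escalation"] = "allowed"
    except PermissionError:
        results["escalation"] = "blocked"
    root.revoked = True
    results["after_revoke"] = authorize(worker, "read:invoices")
    return results


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(f"{check}: {outcome}")
```

The design choice worth copying is that the approval is bound to one action on one agent and is consumed by use, so a compromised orchestrator cannot bank an approval and spend it later, and that every denial names the failing link rather than returning a bare false, which is what makes the decision log usable during an incident.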


Fix the foundation first


Despite the complexity, the report is not pessimistic. It documents an industry in motion. Identity and cyber defense teams are converging. Just-in-time privilege is moving from theory into production. Unified platforms are replacing point solutions. Organizations are measuring friction, not just compliance.


But the message is clear. None of it works if the foundation remains broken.


“You can’t layer AI governance on authentication infrastructure that still runs NTLM,” the report concludes.


Before enterprises hand control to autonomous agents, they must finish cleaning up the systems that attackers already exploit. The future of identity security depends less on chasing the next threat than on finally fixing the ones that never went away.
