Investment in identity security on the rise

Identity security is rising fast, with companies now managing a plethora of identity and access management (IAM) tools, privilege access management (PAM) products, single sign-on and specialist tools for cloud environments.

Over 92 percent of identity and security professionals in North America are expecting identity security budgets to grow or remain stable, according to a new survey released by ManageEngine. Over three-quarters of firms in this region are also consolidating or evaluating how to unify their fragmented IAM solutions, the Texas-based firm notes.

A subsidiary of Zoho Corp., ManageEngine offers tools for managing IT operations. Its recent research, Identity Security Outlook 2026, also looks into trends such as the rise of non-human identities and the integration of AI-based tools into IAM.

Over 90 percent of organizations are attempting to integrate AI tools, such as behavioral analytics, risk-based adaptive authentication, threat detection and response and more. However, only 7 percent say that they have achieved organization-wide deployment. One of the reasons behind this is a lack of talent.

“The most defining force shaping identity security isn’t AI; it’s the shortage of skilled practitioners needed to manage increasingly complex ecosystems,” the report notes.

When it comes to non-human identities (NIHs), digital entities used to identify, authenticate and authorize machines, devices, and IT infrastructure, companies are seeing a sharp rise this year: North American enterprises manage at least 100 times more machine identities than human identities, with some sectors reaching a ratio of 500:1, according to the survey.

ConductorOne: Employees ignoring IAM policies among top 3 challenges

A separate survey from identity security company ConductorOne brings similar conclusions.

Non-human identities (NIHs) are rising and which means that the risks associated with them are urgent, according to 93 percent of respondents. Around a quarter noted that the risks are “extremely” urgent, according to the 2025 Future of Identity Security Report.

When asked what the biggest challenges in managing NHIs within their companies were, over half of the 494 respondents said it was ensuring that NHIs have the right privilege levels. The survey covered IT security professionals.

ConductorOne’s research also confirms that budgets for identity and access management (IAM) are increasing, with 84 percent of respondents confirming. The top three challenges for IT professionals in IAM are system complexity, tooling limitations – and employees who ignore policies.

The San Francisco-headquartered firm also delved into the rise of agentic AI. According to the survey, nearly 90 percent expect to implement AI agents in their security departments in the next two years. Despite this, a notable 83 percent are worried about the risks associated with AI agents.

What’s next for the industry? Deals, deals, deals

The identity security industry is continuing to grow, including with more deals.

Last week, NASDAQ-listed cybersecurity firm CrowdStrike announced it was acquiring identity security startup SGNL.

CrowdStrike said it plans to integrate SGNL access management technology to deliver continuous, real-time access control for both machine and human identities. The firm did not disclose the value of the deal.

In December, identity management firm Saviynt announced a US$700 million series B equity funding round led by KKR. The company plans to invest heavily in R&D, particularly building out additional AI-based capabilities, according to Dan Mountstephen, the company’s senior vice president for Asia-Pacific and Japan (APJ).

For 2026, Mountstephen predicts more identity types, which will need new management systems. A company employing 100,000 people may end up managing one million identities. Thanks to the rise of non-human identities (NHI).

At the same time, organizations are already struggling with managing multiple identity security tools.

“You cannot scale and implement AI without getting the foundational element of identity correct,” Mountstephen told news outlet CRN Asia. “I think we will also continue to see this rapid consolidation of tools and platforms. It’s just not sensible, practical for companies to manage 54 different tool sets and hire 54 different people with skills to deploy it.”

Article Topics

access control  |  biometrics  |  ConductorOne  |  identity access management (IAM)  |  identity security  |  investment  |  non-human identities  |  SGNL