When Machines Outnumber Humans

Secure the sprawl.
Serge Tkach
Contributing CIO
human identities, non-human identities, AI, Cybersecurity, CIO, Leadership, Agentic AI, Machine Identity

Run this exercise: pull every active OAuth grant, service account, API key, and webhook from your three largest SaaS tenants. Count them. Now count the employees with access to those same systems. In most enterprise environments the ratio comes back somewhere between 100 and 200 to 1. Fewer than half of the machine credentials will have a named human owner your security team can verify on the first pass.

Industry reporting puts the average at 144 non-human identities (NHIs) per human, up 56% year over year. CIOs who audit their own tenants will recognize these numbers.

Alarmingly, our identity programs virtually ignore this non-human majority. We mandate MFA, run quarterly access reviews, chase dormant employee accounts, and report SSO coverage to the audit committee. That work covers the 1%. Most of the 99% runs unattended.

Attackers have noticed.

How We Got Here

Non-human identity sprawl is the direct cost of the best-of-breed SaaS strategy most of us endorsed over the last decade. Every new tool ships with an integration story: a calendar-read grant, a warehouse connector, a CI/CD pipeline secret, an analytics webhook. Each is rational in isolation. None of them route through HR onboarding, joiner-mover-leaver workflows, or the access review cycle auditors examine.

The result is over-grant by default.

Microsoft’s State of Cloud Permissions Risks reporting has consistently shown that fewer than 5% of granted machine permissions are actually used, while more than half qualify as high-risk. Nearly half of non-human identities hold sensitive or privileged scopes, creating what is effectively an unaudited population of shadow admins. The credential usually outlives the engineer who created it.

Why the Controls Diverged

Machine identity is genuinely harder to secure than human identity, and it is worth conceding that before arguing for change.

A service account has no second factor that makes operational sense. Rotation breaks integrations. Ownership disappears the moment an engineer moves teams. The industry’s response has been asymmetric not because anyone is negligent, but because human controls are easier to ship.

The asymmetry is now a liability.

After the 2024 Snowflake breaches, in which roughly 165 customer environments were compromised through stolen credentials, Snowflake mandated MFA for all human users. For service accounts, the guidance was a recommendation: consider passwordless authentication, consider network restrictions. The mandate stopped at the boundary where the credentials actually live.

The Salesloft Drift compromise in August 2025 made the gap operational. UNC6395 did not need malware or phishing. The group exfiltrated OAuth tokens from a chatbot integration and used those pre-approved, trusted, and never-rotated tokens to access Salesforce instances across more than 700 organizations, including Google, Cloudflare, and Zscaler. The integration was the front door. No human was reviewing it in real time because no one had built the review.

What an Operating Model Looks Like

The work is unglamorous and operationally heavy. A defensible NHI program needs four things, in roughly this order:

  • Inventory with named ownership. Pull every OAuth grant, service account, API key, and webhook from your top five tenants. Assign a human owner from engineering or business operations to each. Anything without an owner after thirty days gets revoked. Percentage with verified ownership becomes your leading metric.
  • An intake gate with teeth. Add a non-human identity review to SaaS procurement. Four criteria: what scopes does the integration request, who owns the credential, what is the rotation cadence, what is the revocation path. Staff it lightly, with one security architect and one engineering lead, and commit to a five-business-day SLA so procurement doesn’t route around you.
  • Detection on the credentials that matter. Wire the top decile of privileged NHIs into your SIEM. Alert on anomalous source IPs, scope expansion, and bulk read operations. Most platforms already emit the audit events; the work is configuration, not engineering.
  • A revocation drill, at least annually. Pick a non-critical integration, revoke every credential, and time the recovery. The Salesloft response was only contained by mass OAuth revocation, a break-glass move most enterprises had never rehearsed. Rehearse it. The first one will hurt, which is the point.
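As an added illustration of the steps above (example code written for this page, not anything from the article or any vendor's product), the following Python runs the three detections named in the third bullet, anomalous source IP, scope expansion and bulk reads, over a handful of constructed audit events, and applies the first bullet's thirty-day ownership rule to a constructed inventory. The identity names, event fields, the 10,000-row threshold and the five-minute window are all assumptions chosen for the example.

```python
# Added example, not from the article. Toy detection over constructed NHI audit
# events plus the 30-day unowned-credential revocation rule. Identity names,
# event schema, thresholds and window are assumptions, not any vendor's format.
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed inventory of privileged NHIs (hypothetical names).
INVENTORY = {
    "chatbot-crm-connector": {
        "owner": "eng-integrations",          # verified human owner
        "granted_scopes": {"crm.read"},
        "known_ips": {"203.0.113.10"},        # documented egress IP of the vendor
        "created": "2025-01-05T00:00:00",
    },
    "warehouse-loader": {
        "owner": None,                        # never assigned an owner
        "granted_scopes": {"warehouse.read", "warehouse.write"},
        "known_ips": {"198.51.100.7"},
        "created": "2025-06-01T00:00:00",
    },
}

# Constructed audit events, loosely modelled on an OAuth token-usage log.
EVENTS = [
    {"ts": "2025-08-20T09:00:00", "client_id": "chatbot-crm-connector",
     "source_ip": "203.0.113.10", "scopes": ["crm.read"], "op": "read", "rows": 50},
    {"ts": "2025-08-20T09:01:00", "client_id": "chatbot-crm-connector",
     "source_ip": "192.0.2.44", "scopes": ["crm.read"], "op": "read", "rows": 4000},
    {"ts": "2025-08-20T09:02:00", "client_id": "chatbot-crm-connector",
     "source_ip": "192.0.2.44", "scopes": ["crm.read", "crm.write"], "op": "read", "rows": 7000},
    {"ts": "2025-08-20T10:30:00", "client_id": "warehouse-loader",
     "source_ip": "198.51.100.7", "scopes": ["warehouse.read"], "op": "read", "rows": 100},
]

BULK_ROWS = 10_000              # rows read per credential inside WINDOW (assumed)
WINDOW = timedelta(minutes=5)   # sliding window for the bulk-read rule (assumed)


def _ts(s):
    return datetime.fromisoformat(s)


def detect(events, inventory, bulk_rows=BULK_ROWS, window=WINDOW):
    """Return (client_id, alert_type, detail) tuples for the three rules."""
    alerts = []
    recent = defaultdict(deque)   # client_id -> (ts, rows) pairs inside the window
    for ev in sorted(events, key=lambda e: e["ts"]):
        cid = ev["client_id"]
        nhi = inventory.get(cid)
        if nhi is None:
            # A credential the inventory has never seen is itself a finding.
            alerts.append((cid, "unknown_identity", "not in inventory"))
            continue
        if ev["source_ip"] not in nhi["known_ips"]:
            alerts.append((cid, "anomalous_source_ip", ev["source_ip"]))
        extra = set(ev["scopes"]) - nhi["granted_scopes"]
        if extra:
            alerts.append((cid, "scope_expansion", sorted(extra)))
        if ev["op"] == "read":
            q = recent[cid]
            now = _ts(ev["ts"])
            q.append((now, ev["rows"]))
            while q and now - q[0][0] > window:   # drop reads older than the window
                q.popleft()
            total = sum(r for _, r in q)
            if total >= bulk_rows:
                alerts.append((cid, "bulk_read", total))
                q.clear()                         # one alert per burst, not per event
    return alerts


def revocation_candidates(inventory, now, max_unowned_days=30):
    """Credentials with no verified owner for longer than the grace period."""
    cutoff = now - timedelta(days=max_unowned_days)
    return sorted(cid for cid, nhi in inventory.items()
                  if nhi["owner"] is None and _ts(nhi["created"]) <= cutoff)


def ownership_coverage(inventory):
    """The leading metric: fraction of inventoried NHIs with a named owner."""
    owned = sum(1 for nhi in inventory.values() if nhi["owner"])
    return owned / len(inventory)


if __name__ == "__main__":
    for alert in detect(EVENTS, INVENTORY):
        print(alert)
    print("revoke:", revocation_candidates(INVENTORY, _ts("2025-08-20T00:00:00")))
    print("ownership coverage:", ownership_coverage(INVENTORY))
```

In practice the inventory comes from each tenant's app-registration or OAuth-grant API and the events from its audit log as forwarded to the SIEM; the three rules above are the logic you would express as SIEM correlation rules rather than run as a script. Note that the bulk-read rule keys on rows returned over a window, not on request count, since a handful of wide queries is how the Drift-style exfiltration actually looks.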

If last year’s IAM spend went entirely to human provisioning, SSO, and lifecycle automation, the budget asymmetry is now a board-level conversation. The percentage of identity spend allocated to non-human governance should be a number you can produce when asked.

The Agent Problem Is the Same Problem, Faster

Agentic AI does not introduce a new category of risk. It adds more identities to the same governance gap and pushes more activity through it, faster. Every autonomous agent deployed becomes another non-human identity, one that initiates action across multiple systems concurrently and at machine speed.

Roughly 68% of organizations report zero identity security controls specific to AI agents. That is not a future problem to plan for. That is the same intake gate, ownership model, and revocation drill, applied to a population that will dwarf the one we already cannot govern.

The strategic question for CIOs is not whether to invest in non-human identity governance. It is whether the investment lands before the first agent-driven incident makes the case for us.

Trusted insights for technology leaders

Our readers are CIOs, CTOs, and senior IT executives who rely on The National CIO Review for smart, curated takes on the trends shaping the enterprise, from GenAI to cybersecurity and beyond.
