Updated Jul 16, 2026
/Bank7 Corp. Posts Unaudited Q2 2026 Results, Cites Core Banking Performance/Treasury yields rise as Fed rate-hike expectations build ahead of June inflation data/Nine in 10 IT and C-suite leaders say identity management is a critical gap in agentic AI deployments/Forum Markets pays $12 million for aircraft engine, targets five-engine aviation portfolio/AMETEK sets Aug. 4 pre-market release for second-quarter 2026 earnings/Fed Chairman Warsh faces inflation credibility test after Capitol Hill testimony/Bank7 Corp. Posts Unaudited Q2 2026 Results, Cites Core Banking Performance/Treasury yields rise as Fed rate-hike expectations build ahead of June inflation data/Nine in 10 IT and C-suite leaders say identity management is a critical gap in agentic AI deployments/Forum Markets pays $12 million for aircraft engine, targets five-engine aviation portfolio/AMETEK sets Aug. 4 pre-market release for second-quarter 2026 earnings/Fed Chairman Warsh faces inflation credibility test after Capitol Hill testimony

Nine in 10 IT and C-suite leaders say identity management is a critical gap in agentic AI deployments

TINTON FALLS, N.J., July 16. Ninety percent of C-level and IT leaders surveyed say their organizations need identity-management improvements to address AI-related risks, according to findings released by Commvault (NASDAQ: CVLT). The survey, conducted by technology analysts and targeting senior decision-makers, identifies a specific exposure at the center of that concern: a surge of non-human identities gaining always-on access to corporate data.

By Tomas Reyes2 min read
Share

TINTON FALLS, N.J., July 16. Ninety percent of C-level and IT leaders surveyed say their organizations need identity-management improvements to address AI-related risks, according to findings released by Commvault (NASDAQ: CVLT). The survey, conducted by technology analysts and targeting senior decision-makers, identifies a specific exposure at the center of that concern: a surge of non-human identities gaining always-on access to corporate data.

What the survey found

The research polled C-suite executives and IT leaders. Its central conclusion is that identity management, a control layer most enterprises built around human users, has become a recognized gap now that AI agents are operating inside corporate systems.

The mechanism is straightforward. A human employee's system access is tied to a login session. An AI agent's access is not. Whatever credentials an agent is provisioned with, it holds continuously, which makes a misconfigured or compromised non-human identity a standing exposure rather than a bounded incident. Nine in ten respondents told the survey their current controls are not adequate to manage that condition.

Non-human identities, as the survey frames them, include AI agents and similar automated systems that act on behalf of the organization without direct human involvement at each step.

Commvault and the source data

Commvault, based in Tinton Falls, N.J., and listed on Nasdaq as CVLT, describes itself as a provider of unified resilience. The company released the findings on July 16, 2026. The available summary does not specify sample size, full methodology, or the name of the technology analyst firm that conducted the research. Those details matter for gauging how broadly the 90% figure generalizes beyond the surveyed group.

Commercial implications

The survey frames identity management as the specific control point where agentic AI risk concentrates. Vendors in identity and access management and in data protection have a direct claim on remediation spending if organizations act on the gap they acknowledge.

Awareness of the problem is not what the data finds missing. Ninety percent of respondents have already concluded their controls fall short. What the survey does not answer is whether that acknowledgment moves budget.

Key takeaways

Frequently asked

Who conducted and released the survey?

The findings were released by Commvault, a Tinton Falls, N.J.-based provider of unified resilience listed on Nasdaq as CVLT, based on research conducted by unnamed technology analysts polling C-suite executives and IT leaders.

Why are AI agents considered an identity-management risk?

An AI agent's access is not tied to a login session like a human employee's, so it holds whatever credentials it is provisioned with continuously, turning a misconfigured or compromised non-human identity into a standing exposure rather than a bounded incident.

What are non-human identities?

As the survey frames them, non-human identities include AI agents and similar automated systems that act on behalf of the organization without direct human involvement at each step.

What limitations does the reported data have?

The available summary does not disclose the sample size, full methodology, or the name of the analyst firm, details that matter for gauging how broadly the 90% figure generalizes beyond the surveyed group.

Does the survey show whether companies will spend to fix the gap?

No; while 90% of respondents have already concluded their controls fall short, the survey does not answer whether that acknowledgment moves budget toward remediation.