A new report from CloudEagle.ai, the AI-powered SaaS management and governance platform, reveals that 60% of enterprise SaaS and AI applications now operate outside IT’s visibility. This surge in “invisible IT” is fueling a crisis in identity governance, leading to increased breaches, audit failures, and compliance risk across enterprises.
A survey of 1,000 enterprise CIOs and CISOs reveals a critical shift: most breaches originate internally, driven by excessive permissions, stale accounts, and fragmented identity governance. Manual onboarding, infrequent access reviews, and siloed deprovisioning only worsen the risk. 70% of CIOs flagged unsanctioned AI tools as a top data concern, and 48% of former employees still have app access months after leaving.
Key findings from the report show the scale of access sprawl:
- 1 in 2 employees have excessive privileges
- Only 15% have implemented Just-In-Time (JIT) access across departments
- 50% admit privilege creep is common, yet only 5% enforce least-privilege policies
The report urges enterprises to be proactive and embrace AI-powered identity governance. For years, IT teams were underfunded and lacked executive visibility to drive meaningful change. That’s now shifting, as identity governance is increasingly recognized as a core security function, these teams are gaining the budget, authority, and urgency traditionally reserved for security operations, enabling them to govern and secure the rise of AI and SaaS.
- Implement context-aware, zero-trust access controls
- Hire a Chief Identity Officer (CIDO) to unify governance across all teams
- Auto-provision/deprovision apps based on real-time usage
- Enforce JIT access for high-risk roles to eliminate standing privileges
- Run continuous, behavioral AI-based access reviews
Link to the report – https://www.cloudeagle.ai/iga-report
1 in 2 Employees Have Excessive Privileged Access—CloudEagle.ai Survey Warns of Escalating Insider Risk due to AI and SaaS Sprawl
Posted in Commentary with tags CloudEagle.a on June 25, 2025 by itnerdA new report from CloudEagle.ai, the AI-powered SaaS management and governance platform, reveals that 60% of enterprise SaaS and AI applications now operate outside IT’s visibility. This surge in “invisible IT” is fueling a crisis in identity governance, leading to increased breaches, audit failures, and compliance risk across enterprises.
A survey of 1,000 enterprise CIOs and CISOs reveals a critical shift: most breaches originate internally, driven by excessive permissions, stale accounts, and fragmented identity governance. Manual onboarding, infrequent access reviews, and siloed deprovisioning only worsen the risk. 70% of CIOs flagged unsanctioned AI tools as a top data concern, and 48% of former employees still have app access months after leaving.
Key findings from the report show the scale of access sprawl:
The report urges enterprises to be proactive and embrace AI-powered identity governance. For years, IT teams were underfunded and lacked executive visibility to drive meaningful change. That’s now shifting, as identity governance is increasingly recognized as a core security function, these teams are gaining the budget, authority, and urgency traditionally reserved for security operations, enabling them to govern and secure the rise of AI and SaaS.
Link to the report – https://www.cloudeagle.ai/iga-report
Leave a comment »