A new report from CloudEagle.ai, the AI-powered SaaS management and governance platform, reveals that 60% of enterprise SaaS and AI applications now operate outside IT’s visibility. This surge in “invisible IT” is fueling a crisis in identity governance, leading to increased breaches, audit failures, and compliance risk across enterprises.
A survey of 1,000 enterprise CIOs and CISOs reveals a critical shift: most breaches originate internally, driven by excessive permissions, stale accounts, and fragmented identity governance. Manual onboarding, infrequent access reviews, and siloed deprovisioning only worsen the risk. 70% of CIOs flagged unsanctioned AI tools as a top data concern, and 48% of former employees still have app access months after leaving.
“Traditional IAM tools can’t keep up with today’s SaaS and AI-driven environments because not all apps are managed by IT, and not everything sits behind a centralized IAM system. IGA is at a tipping point, and enterprises must shift to AI-driven access management to stay secure and compliant,” says Nidhi Jain, CEO and Founder, CloudEagle.ai.
Key findings from the report show the scale of access sprawl:
- 1 in 2 employees have excessive privileges
- Only 15% have implemented Just-In-Time (JIT) access across departments
- 50% admit privilege creep is common, yet only 5% enforce least-privilege policies
The report urges enterprises to be proactive and embrace AI-powered identity governance. For years, IT teams were underfunded and lacked executive visibility to drive meaningful change. That’s now shifting, as identity governance is increasingly recognized as a core security function, these teams are gaining the budget, authority, and urgency traditionally reserved for security operations, enabling them to govern and secure the rise of AI and SaaS.
- Implement context-aware, zero-trust access controls
- Hire a Chief Identity Officer (CIDO) to unify governance across all teams
- Auto-provision/deprovision apps based on real-time usage
- Enforce JIT access for high-risk roles to eliminate standing privileges
- Run continuous, behavioral AI-based access reviews
Link to the report – https://www.cloudeagle.ai/iga-report
