Skip to main content Tech Radar Pro Tech Radar Gaming Tech Radar Pro TechRadar the business technology experts Search TechRadar View Profile België (Nederlands) Deutschland North America US (English) Australasia New Zealand Expert Insights Website builders Web hosting Best website builder Best web hosting Best office chairs Best antivirus Expert Insights Recommended reading Artificial Intelligence Love and hate: tech pros overwhelmingly like AI agents but view them as a growing security risk Naughty, naughty! More than a third of IT workers are using unauthorized AI, despite risks of shadow tech looming large How to tackle shadow IT when AI is everywhere Businesses are facing increased identity-based attacks, and rouge applications are a top culprit AI powered cloud creates AI powered risks Generative AI will become essential in enterprise security Beyond AI-powered cybersecurity: why context and visibility are still a CISO’s top priority Insider risk on the rise as survey finds 50% of employees have too much privileged access - and AI will make it far worse Wayne Williams 30 June 2025 48% of ex-staff retain app credentials months after leaving When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Image Credit: Shutterstock (Image credit: Andrea Danti / Shutterstock) Half of employees hold excessive rights across AI and SaaS estates, CloudEagle report finds Invisible IT hides 60% of apps undermining traditional identity controls Study recommends AI governance plus just in time access and reviews Half of enterprise staff now hold excessive privileges to critical applications, new research has claimed. CloudEagle.ai’s latest identity governance report surveyed 1,000 CIOs and CISOs and found 60% of SaaS and AI tools sit outside IT’s oversight. Invisible IT is expanding insider risk, driving breaches, audit failures, and compliance headaches, the report says. You may like Love and hate: tech pros overwhelmingly like AI agents but view them as a growing security risk Naughty, naughty! More than a third of IT workers are using unauthorized AI, despite risks of shadow tech looming large How to tackle shadow IT when AI is everywhere Privilege creep It found 70% of leaders listed unsanctioned AI tools as a leading data worry, while 48% admitted former staff still hold access, even months after leaving. Privilege creep is common, yet only five percent of organizations actively enforce least privilege settings, and just fifteen percent use just in time access company wide, despite mounting proof that temporary credentials cut risk and audit scope. “Traditional IAM [Identity and Access Management] tools can’t keep up with today’s SaaS and AI-driven environments because not all apps are managed by IT, and not everything sits behind a centralized IAM system. IGA [Identity Governance and Administration] is at a tipping point, and enterprises must shift to AI-driven access management to stay secure and compliant,” says Nidhi Jain, CEO and Founder, CloudEagle.ai. CloudEagle.ai’s platform positions itself as an AI-centric answer, yet the report stresses that technology alone is not enough. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. It recommends appointing a Chief Identity Officer to coordinate policies across business units and automate provisioning, reviews, and removals. Zero trust, context-aware controls should replace broad standing access, while behavioral analytics help flag anomalies before they become incidents. The study also suggests continuous access reviews powered by machine learning can shrink privilege windows without slowing work. With shadow SaaS use rising and insider-led events now dominating breach reports, the era of annual checklists appears to be over. Analysts say boards pay closer attention as regulators fine organizations for permission sprawl that exposes customer records and intellectual property. Without time view of every identity, leaders concede they cannot meet zero trust goals or prove compliance under cyber insurance questionnaires. You might also like I am a cybersec expert and this is why we should be talking more about Data Loss Prevention Building a resilient workforce security strategy Why digital identity is the ultimate battleground in cybersecurity Wayne Williams Social Links Navigation Wayne Williams is a freelancer writing news for TechRadar Pro. He has been writing about computers, technology, and the web for 30 years. In that time he wrote for most of the UK’s PC magazines, and launched, edited and published a number of them too. You must confirm your public display name before commenting Please logout and then login again, you will then be prompted to enter your display name. Love and hate: tech pros overwhelmingly like AI agents but view them as a growing security risk Naughty, naughty! More than a third of IT workers are using unauthorized AI, despite risks of shadow tech looming large How to tackle shadow IT when AI is everywhere Businesses are facing increased identity-based attacks, and rouge applications are a top culprit AI powered cloud creates AI powered risks Generative AI will become essential in enterprise security Latest in Security It's about time - Microsoft finally rolls out better passkey integration in Windows FBI warns Scattered Spider hackers are now going after airlines CitrixBleed 2 flaws are officially here - so get patching or leave your systems at risk Supermarket giant admits 2.2 million people could be hit by worrying data breach - what to do if you're affected Another major MOVEit flaw could be on the way - here's what we know Hacker pleads guilty to breaching company networks to pitch his own services Latest in News I don't generally recommend downloading Windows 11's preview updates, but some gamers may want to chance Microsoft's latest effort My favorite VR headset of 2025 has started selling out – here’s why you should grab one before it’s gone for good It's about time - Microsoft finally rolls out better passkey integration in Windows Project Hail Mary trailer teases Ryan Gosling’s desperate mission to save the sun in Amazon’s sci-fi spectacle movie DJI robot vacuum leak suggests the Roomba rival is getting closer – and could have an unusual design feature I never use Spotify's Discover Weekly playlist, but its big new upgrades could change that LATEST ARTICLES No need to wait for Prime Day! This gorgeous external SSD is cheapest 8TB SSD right now and it's faster than some PCIe SSDs Searching for a cheap robot vacuum? These 3 are the best budget bots on the market Jurassic World Rebirth review: I’m concerned this franchise is rapidly going extinct After reflecting on my hands-on with Pragmata at Summer Game Fest, I’m even more intrigued by the hybrid combat and puzzle action Apple could be planning 7 new devices to take on Meta’s Ray-Bans and Quest 3 – here’s what they could be TechRadar is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site. Contact Future's experts Terms and conditions Privacy policy Cookies policy Advertise with us Web notifications Accessibility Statement Future US, Inc. Full 7th Floor, 130 West 42nd Street, Please login or signup to comment Please wait...