40% Of Workflows Will Run On Agentic AI. Where's The Identity?

Gartner predicts that by 2028, 40 percent of enterprise workflows will be supported or executed by AI agents. At the same time, OpenAI, Google DeepMind, and Anthropic are accelerating the deployment of systems that can reason, plan, and take action across tools. The rise of agentic AI is no longer theoretical. It is operational.

But as automation scales, one uncomfortable question remains: who owns the identity of these agents?

The Rise of Agentic AI in Enterprise Workflows

The phrase “Where's The Identity?” is not merely a hype. It reflects a structural shift in how work gets done.

Agentic AI refers to systems that can independently perform multi-step tasks. Unlike traditional chatbots, these agents can access APIs, query databases, generate reports, and trigger actions without constant human input.

According to McKinsey, generative AI could add up to $4.4 trillion annually to the global economy. Much of that value comes from workflow automation. Enterprises are already deploying AI agents for IT service management, marketing automation, procurement, and software development.

The productivity upside is significant. The governance gap is equally large.

Where's The Identity?

Every workflow in an enterprise runs on identity and access management. Humans log in. Systems authenticate. Permissions are granted and revoked.

But what about AI agents?

Today, most organizations assign service accounts or shared credentials to automated systems. That model was designed for scripts, not autonomous agents capable of decision making.

If 40% of workflows are to run on agentic AI, where's the identity layer that tracks what each agent is authorized to do, what data it can access, and how it is audited?

Cybersecurity leaders warn that without granular identity controls, AI agents can become high value targets. A compromised agent with wide access can create cascading damage.

The Security and Compliance Blind Spot

Identity governance is already complex for human users. Add thousands of AI agents operating across cloud environments, and the attack surface multiplies.

The MIT Technology Review has highlighted concerns around AI agents executing actions without clear accountability trails. Regulators in the EU and US are also pushing for stronger AI auditability under frameworks such as the EU AI Act.

If 40% of workflows will run on agentic AI, where's the identity standard that regulators can enforce?

Right now, it is fragmented. Some cloud providers are experimenting with AI specific access tokens and scoped permissions. But there is no universal framework.

Building Identity for Autonomous Systems

Forward looking enterprises are exploring three approaches:

1. Assigning unique, traceable digital identities to each AI agent
2. Implementing least privilege access models
3. Logging every agent action with immutable audit trails

Zero trust architectures will likely evolve to include AI as first class identities, not background processes.

The shift requires collaboration between AI developers, CISOs, and policymakers. Identity can no longer be an afterthought.

Conclusion

The economic promise of agentic AI is real. Automation at scale can unlock speed, efficiency, and innovation.

But the question embedded in “Where's The Identity?” is more than rhetorical. Without robust identity frameworks, organizations risk building powerful systems on fragile foundations.

The next phase of AI adoption will not be defined only by capability. It will be defined by control.

Fast Facts:

What's the implication of 40 percent of workflows running on agentic AI?

It highlights Gartner’s forecast that 40 percent of workflows may rely on autonomous AI agents, raising urgent questions about identity, access control, and accountability in enterprise systems.

Why is identity important?

40% of workflows running on agentic AI might create an cybersecurity threat should it become a reality, each agent needs a unique digital identity to prevent misuse, enable audits, and enforce security boundaries.

What is the biggest risk in workflows run by Agentic AI?

The core risk lies in uncontrolled access to large scale user data. Without clear identity governance, compromised agents could trigger large scale data or compliance breaches.