
Preparing for the Digital Battlefield of 2026: Ghost Identities, Poisoned Accounts, & AI Agent Havoc

0
Medium
Vulnerability
Published: Wed Oct 29 2025 (10/29/2025, 11:55:00 UTC)
Source: The Hacker News

Description

BeyondTrust’s annual cybersecurity predictions point to a year where old defenses will fail quietly, and new attack vectors will surge. Introduction The next major breach won’t be a phished password. It will be the result of a massive, unmanaged identity debt. This debt takes many forms: it’s the “ghost” identity from a 2015 breach lurking in your IAM, the privilege sprawl from thousands of new

AI-Powered Analysis

AI analysis last updated: 10/29/2025, 13:13:33 UTC

Technical Analysis

This emerging threat landscape centers on identity as the critical vulnerability vector in 2026. First, agentic AI systems integrated across organizational technologies create a new attack surface. These AI agents, granted least privilege access to perform tasks like reading emails or accessing CI/CD pipelines, can be manipulated via the confused deputy problem. Attackers craft prompts or commands that trick these AI deputies into executing unauthorized actions, such as data exfiltration or privilege escalation, effectively using the AI as a proxy for malicious activity. Second, account poisoning represents an evolution in financial fraud where attackers automate the insertion of fraudulent payees and billers into consumer and business financial accounts. This exploits weak identity verification and poor secrets management in online financial systems, enabling high-velocity, obfuscated fraudulent transactions at scale. Third, many organizations will uncover 'ghost' identities—dormant accounts from historic breaches that remain active due to inadequate joiner-mover-leaver (JML) processes and insufficient identity governance. These legacy compromises pose a latent risk as attackers rediscover and exploit these accounts. The convergence of these vectors underscores the failure of traditional perimeter defenses and the necessity of an identity-first security posture. The report highlights the obsolescence of VPNs for privileged access due to exploitation risks and notes cultural resistance to AI adoption, which may complicate defense strategies. Overall, the threat exploits identity lifecycle weaknesses, privilege sprawl, and the rapid, often insecure integration of AI technologies, demanding advanced identity governance, least privilege enforcement, and real-time monitoring.

Potential Impact

European organizations face significant risks from these identity-centric threats due to their extensive adoption of AI technologies, complex identity and access management environments, and critical financial infrastructures. The agentic AI threat can lead to unauthorized data disclosure, operational disruption through malicious code deployment, and privilege escalation, undermining confidentiality, integrity, and availability of sensitive systems. Account poisoning threatens financial institutions and businesses by enabling large-scale fraudulent transactions, potentially causing direct financial losses, reputational damage, and regulatory penalties under GDPR and financial compliance frameworks. The discovery of ghost identities can reveal long-standing security gaps, increasing the risk of insider threats and unauthorized access from legacy accounts. The erosion of VPN security further complicates remote access protections, increasing exposure to persistent threats. These impacts can disrupt European digital economies, erode trust in financial systems, and increase the cost and complexity of compliance with stringent EU cybersecurity regulations. Organizations may also face challenges balancing AI adoption with ethical concerns and workforce resistance, affecting security strategy implementation.

Mitigation Recommendations

European organizations should implement a comprehensive identity-first security strategy that includes:

1) Rigorous least privilege enforcement for all identities, especially AI agents, ensuring they have only the minimal permissions necessary and applying context-aware access controls to limit actions based on situational parameters.
2) Real-time auditing and behavioral monitoring of AI agent activities to detect anomalous commands or privilege escalations indicative of confused deputy exploitation.
3) Modernized IAM programs that integrate graph-based identity analytics to map and continuously monitor identity relationships, enabling rapid detection and remediation of ghost identities and privilege sprawl.
4) Strengthened joiner-mover-leaver (JML) processes to ensure timely deprovisioning of dormant or legacy accounts.
5) Enhanced financial system security through multi-factor identity verification and anomaly detection for automated changes to payee and biller information, focusing on high-velocity transaction patterns and automated workflows.
6) A transition away from traditional VPNs for privileged access, adopting zero trust network access (ZTNA) solutions that provide granular, identity-based access controls and continuous verification.
7) Clear governance policies around AI adoption that address ethical concerns and provide opt-out mechanisms while maintaining security controls.
8) Regular security awareness training focused on emerging AI-related threats and identity management best practices.
9) Collaboration with regulators and industry groups to share threat intelligence and develop sector-specific identity security standards.
10) Investment in advanced threat detection technologies that leverage AI for proactive defense without compromising identity governance.
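The ghost-identity and JML points above come down to one reconciliation: every enabled account must map to a current owner in the HR system and must show recent use. The following is an added example, not code from BeyondTrust or the article, that runs that reconciliation over a constructed IAM export and HR roster; the field names, the 90-day dormancy threshold and the privileged-group list are assumptions.

```python
from datetime import date

# Constructed sample data (not from the article): an IAM export and an HR roster.
PRIVILEGED_GROUPS = {"Domain Admins", "ci-deployers", "payments-approvers"}  # assumed
TODAY = date(2025, 10, 29)  # assumed "today" for the dormancy check

IAM_ACCOUNTS = [
    {"account": "jdoe",     "owner": "E100", "enabled": True,  "last_login": date(2025, 10, 20), "groups": ["staff"]},
    {"account": "svc-bkup", "owner": "E042", "enabled": True,  "last_login": date(2015, 3, 9),   "groups": ["Domain Admins"]},
    {"account": "mlee",     "owner": "E200", "enabled": True,  "last_login": date(2025, 9, 1),   "groups": ["ci-deployers"]},
    {"account": "old-vend", "owner": "V777", "enabled": True,  "last_login": None,               "groups": ["staff"]},
    {"account": "rkim",     "owner": "E300", "enabled": False, "last_login": date(2019, 1, 1),   "groups": ["staff"]},
]

HR_ROSTER = {
    "E100": {"status": "active"},
    "E042": {"status": "terminated", "left": date(2016, 6, 30)},
    "E200": {"status": "active"},
    "E300": {"status": "terminated", "left": date(2019, 2, 1)},
}


def find_ghost_identities(accounts, roster, today, dormant_days=90):
    """Enabled accounts whose owner is gone or that are dormant, privileged first."""
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue  # already deprovisioned: the leaver step of JML worked here
        reasons = []
        hr = roster.get(acct["owner"])
        if hr is None:
            reasons.append("no HR record for owner (orphaned account)")
        elif hr["status"] == "terminated":
            reasons.append(f"owner left on {hr['left'].isoformat()} but account still enabled")
        last = acct["last_login"]
        if last is None:
            reasons.append("never logged in")
        elif (today - last).days > dormant_days:
            reasons.append(f"dormant for {(today - last).days} days")
        if reasons:
            findings.append({"account": acct["account"], "reasons": reasons,
                             "privileged": bool(set(acct["groups"]) & PRIVILEGED_GROUPS)})
    # Privileged ghosts are the highest-impact deprovisioning targets, so list them first.
    findings.sort(key=lambda f: (not f["privileged"], f["account"]))
    return findings


if __name__ == "__main__":
    for f in find_ghost_identities(IAM_ACCOUNTS, HR_ROSTER, TODAY):
        print("PRIV" if f["privileged"] else "    ", f["account"], "; ".join(f["reasons"]))
```

In a real deployment the two inputs would come from the directory and HRIS exports, and the output would feed the deprovisioning ticket queue rather than stdout.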


Technical Details

Article Source
URL: https://thehackernews.com/2025/10/preparing-for-digital-battlefield-of.html (fetched 2025-10-29T13:13:11.652Z, word count 1547)

Threat ID: 690212ea2a3e20b1cb0af1fd

Added to database: 10/29/2025, 1:13:14 PM

Last enriched: 10/29/2025, 1:13:33 PM

Last updated: 10/29/2025, 6:34:51 PM

Views: 9
