Roundtable

Bernard Munyaradzi Chadenga, Cimplicity Institute

Many organisations across Africa are still in the early stages of their identity maturity journey, particularly when they move beyond employee identities and into service accounts, APIs, bots and AI agents. In 2024, Clutch Security’s Non-Human Identities Index put the number of non-human to human identities within organisations at 45:1. By 2025, that number was 144:1.

Organisations are now moving beyond the traditional boundaries of privileged access management (PAM) to account for every single identity type in their environments – human, machine, composite, agentic and non-human. Identity and access management (IAM) in 2026 has become the new security perimeter where attackers are all going after the same things: credentials and access. And as they compromise passwords and data, they’re not hacking the enterprise anymore. They’re logging in. This makes it challenging for the CISO and CIO.