A new report from Okta’s AI at Work 2025 study has found that automation, process optimisation, and AI agents are at the forefront of workplace transformation, with leaders increasingly viewing artificial intelligence as central to business strategy. Two-thirds of leaders surveyed regard AI as key to their operations, while 91% of organisations are already using AI agents.
Automation remains the most common AI use case
For the second consecutive year, automation and process optimisation ranked as the most widely used AI applications, with 84% of respondents employing AI in this way. However, other use cases are rising quickly. Coding and software development saw the largest growth, moving from fourth place in 2024 (56%) to second place in 2025 (74%), marking an 18-percentage-point increase. Content generation and creative applications also climbed, shifting from fifth to third place.
By contrast, predictive analytics and forecasting dropped from second to fifth place, the only use case to decline, falling by seven percentage points. The findings indicate a shift towards more practical and task-focused AI deployments.
AI agents gain rapid traction across industries
AI agents, defined as autonomous software systems capable of understanding natural language, analysing real-time data, and taking action without human input, are now used by 91% of surveyed organisations. On average, companies reported 4.8 use cases for AI agents, with task automation being the most common (81%). They are also widely used to enhance customer service (65%), provide IT support (55%), and assist in coding (51%).
The report highlights tangible benefits driving adoption. Increased productivity (84%) and cost savings (60%) were the top reported outcomes, alongside improvements in customer experience, workflow efficiency, decision-making, scalability, and innovation.
However, AI agents also present new risks. Their need for access to organisational data and systems raises concerns about data privacy and security, particularly around vulnerabilities such as prompt injection and account takeovers. Respondents ranked these as their most severe and frequent concerns.
Governance and security remain critical challenges
Managing AI agent identities poses unique challenges compared with human users. AI agents often lack clear accountability, have short lifespans requiring rapid provisioning and removal, and use non-human authentication methods such as API tokens. They also require precise, time-limited permissions and often access sensitive information, making robust controls essential.
Controlling non-human identity access and permissions was the top concern for 78% of leaders, followed by lifecycle management (69%), visibility issues (57%), and remediating risky accounts (53%). As a result, 85% of respondents said identity and access management (IAM) is vital for AI adoption, a seven-point increase from last year. Data security, privacy, compliance, and regulatory requirements were the most common reasons cited for prioritising IAM.
Despite these concerns, governance strategies lag behind adoption rates. Only 10% of organisations have a well-developed strategy for managing non-human identities, while just 36% have a centralised AI governance model. Where governance structures exist, they typically involve CISOs, CIOs, and compliance teams, with growing input from data scientists, AI teams, and business leaders.
Okta’s findings suggest that while AI and AI agents are becoming integral to business operations, organisations must close the gap between adoption and governance to ensure secure, compliant, and sustainable use.
