SailPoint has revealed that identity security now delivers the highest return on investment across the enterprise security stack, according to its latest Horizons of Identity Security 2025–2026 report. The findings highlight how modern identity solutions have evolved from back-office controls to strategic enablers that improve efficiency, reduce risk, and accelerate AI readiness.
The report, based on a June 2025 survey of 375 identity and access management (IAM) decision-makers across the Americas, Europe, and Asia, shows a widening gap between organisations with advanced identity programmes and those still at basic levels. Nearly two-thirds of businesses remain reliant on manual processes, with only 10% reaching the most mature stages of identity security where automation and AI play a central role.
“Identity has become the top ROI generator in the security stack — helping enterprises cut costs, reduce risk, and accelerate growth,” said Matt Mills, President at SailPoint. “Today, identity is the central control point where policies are enforced, critical decisions are made, and security operations converge. Its future is tightly connected to AI-driven data governance, enabling organisations to manage every identity — human, machine or AI agent — across the enterprise.”
AI-enabled identity systems deliver greater performance
According to the research, organisations adopting AI-driven identity controls are four times more likely to implement advanced capabilities such as identity threat detection and response (ITDR), adaptive authentication, and governance for AI agents and bots. They are also up to eight times more likely to achieve automated identity data synchronisation, which improves operational efficiency and strengthens security posture.
Leading organisations have demonstrated clear results. Global IT services firm Wipro is expanding from enterprise-wide adoption to advanced automation and AI-driven capabilities, while Specsavers has cut manual workloads by automating access controls and lifecycle workflows. These moves have improved productivity and enabled faster scaling.
However, the report warns that progress is not guaranteed. Some organisations have slipped backwards due to the rising bar for maturity, which now includes advanced capabilities such as AI agent security and multi-cloud entitlement management. Without improving data quality and standardising application onboarding, companies may struggle to advance.
Strategic approach proves most effective
The study found that firms treating identity as a strategic enabler are 40% more likely to achieve maximum ROI, with typical returns up to 10 times greater than other security investments such as endpoint and network protection. Key steps to success include data clean-up before system migration, automated application onboarding, and the adoption of intelligent lifecycle workflows.
“Those advancing further across the Horizons are recognising identity’s strategic role and reaping outsized benefits — positioning identity security as a key enabler of business performance,” Mills added.
The Horizons of Identity Security report provides practical guidance for companies aiming to modernise their IAM frameworks and prepare for an AI-driven future. With identity now acting as the control point for policies, access, and threat detection, its role in enterprise resilience and growth is stronger than ever.
