Why Delinea focuses on privileged access to prevent breaches from humans and AI Agents

In 2026, cyberattacks look different. Traditionally, attackers exploited bugs or broke through firewalls, triggering alarms — like breaking a window to burgle a house.
But modern cyberattackers are stealing the keys and entering through the front door unnoticed. They’re stealing or buying login credentials, moving through systems as a seemingly valid user, and accessing data without triggering defense systems.
This is why least privilege, giving users and systems the access they need to do their jobs and nothing more, has become a cornerstone of cybersecurity.
“Almost all [recent breaches] have some sort of privilege elevation,” says Art Gilliland, the CEO of identity security platform Delinea. “They break in in some way, and then they try to get access to other stuff.”
And once they’re in, things move quickly. Breakout time, which is the window between initial intrusion and lateral movement to other systems, has shrunk dramatically. “A couple of years ago…you saw breakout times at 48 minutes. Last year, you saw breakout times at 29 minutes, with the fastest being 27 seconds.”
That acceleration is why Delinea focuses on privileged access: the accounts, credentials, and entitlements that decide what users and systems can see, change, and control.
“We secure your most privileged access.”
Beyond the vault
Historically, privileged access management (PAM) meant one thing, says Gilliland. “Vault.” These are secure, isolated storage systems designed to safeguard an organization’s critical data and ensure it’s recoverable even if the primary network is compromised.
Delinea’s vision stretches beyond the vault, explains Gilliland. “I want to be able to know who all those privileged users are and…control what they have access to.” But it doesn’t stop there. “I want to know…what do they have rights to, and how are they using those rights?”
“When I watch how users are using their entitlements, I map that to what they actually have rights to, and if they do something that’s bad, I can block it.”
Delinea’s platform brings those elements together, combining discovery, control, monitoring, and risk reduction. It can find privileged users across cloud and on-premises networks, and help organizations reduce unnecessary access.
Gilliland gives a simple example. “Art has 15 entitlements, but he only ever uses five. Why does he have those other 10? I should actually reduce those other 10 rights because that reduces the risk.”
From merger to market leader
Delinea is the result of the 2021 merger of two established players in privileged access management: Centrify and Thycotic.
Thycotic made identity security tools easier to roll out and manage, while Centrify specialized in complex identity systems for large enterprises. Together, they could cover a wide range of identity security challenges for businesses on one platform.
As Centrify’s then-CEO, Gilliland stayed on to lead the new company, which rebranded as Delinea in 2022. Insight Partners, which had previously backed Thycotic, remained involved in the combined company as a minority investor.
With revenue, credibility, and a customer base already established, Delinea scaled quickly, closing 2021 with more than 1,400 new customers and 35% year-over-year ARR growth. In Q1 of 2022, the company surpassed $200M in ARR and added more than 340 new logos.
Delinea has also expanded its platform through a series of acquisitions, including cybersecurity startups Authomize and Fastpath in 2024 and StrongDM in 2026. By August 2025, the company had surpassed $400M in ARR.
The machine identity problem
The security challenge has evolved as organizations embrace autonomous AI.
“There’s a lot of talk about AI and non-human workforce now in the enterprise,” says Gilliland. “We believe that all of these AI Agents…are actually privileged users, because they access sensitive information…and they take action independently and intelligently.”
Instead of managing a fixed set of human users, organizations now need to track and control thousands, sometimes millions, of machine identities operating at machine speed. Often, those systems have excessive permissions by design.
That creates a specific problem around permissions. “One of the challenges that AI poses for enterprises is that they have to connect through APIs,” says Gilliland.
“Maybe there’s 50 activities you can do through a specific API, but the AI Agent…only needs to do three things or five things to be able to do its job.” But because of how the systems are connected, “you’re giving it a ton of API connections, [which] means it can do pretty much anything in your environment.”
“There’s a way to actually control these AI Agents, like you control humans, but you can do it at machine speed.”
That becomes dangerous if an Agent is compromised, as it has both access to data and the ability to act on it. “You need to be managing those entitlements,” says Gilliland. “Give them to the AI Agent only when it needs [them].” This is Delinea’s model: just-in-time, context-based access, with permissions removed as soon as they are no longer needed.
Safety at the speed of AI adoption
As enterprises race to adopt AI tools, a gap is appearing. “Almost all companies have a crazy CEO like me telling them to use AI because the productivity enhancements are just so extraordinary,” says Gilliland. “The challenge is that less than half of them have the tooling in place to actually secure it.”
Where Delinea excels, he adds, “is being able to scan these environments…to find all these…unknown uses of AI.” Delinea Iris AI, an AI engine embedded natively in the Delinea platform and introduced in August 2025, is designed to do exactly that. It helps organizations safeguard their AI use and discover shadow AI deployments they didn’t know existed.
“Our discovery capabilities are built for being able to scan and find [non-human identities]…figure out what they have rights to…[and] take control of them.”
That matters because AI is also reshaping how attackers operate. “The tooling that they’re using is more automated,” says Gilliland. “They’re able to use AI to attack, scan, and process massive amounts of data. They’re able to use stronger computing to break encryption algorithms.”
This acceleration is what has driven breakout times down and why static security models are struggling to keep up. “If we’re going to be successful against that higher level of tech, we also have to take advantage of AI and…protect the usage of it in the enterprise,” says Gilliland.
No fixed perimeter
The future of identity security is more integrated, dynamic, and central to how systems operate, argues Gilliland. “I actually think most users, all users, are going to be privileged users at some point.”
That means the perimeter keeps expanding, with humans, developers, machines, and AI Agents all requiring increasingly granular, context-aware controls. “You’re going to look at data, and then you’re going to decide…should we allow them to connect?” says Gilliland. That shift puts identity at the center of every system.
*Note: Insight Partners has invested in Thycotic and Delinea.








