In an era where digital transformation is swiftly reshaping the business world, the most recent research from CyberArk, an identity security company, highlights a growing concern: identity-related breaches.
The 2024 Identity Security Threat Landscape Report highlights a concerning trend among Indian companies, with 93% reporting two or more identity-related breaches in the previous year. This worrying number demonstrates how Artificial Intelligence (AI) boosts both cyber defences and attacker capabilities by increasing the rate at which these identities are created.
The rise of machine identities
As organisations implement multi-cloud strategies and integrate AI-driven programmes, the number of machine identities expands. These identities, which are frequently allowed sensitive or privileged access, are currently regarded as the riskiest category.
Unlike human identities, machine identities usually lack effective security protections, making them ideal targets for cyber attackers. The report emphasises that machine identities are the key driver of identity expansion, with 50% of organisations expecting a threefold increase in identities over the next year.
Humans vs. Machines: A security gap
The findings reveal a huge discrepancy in how organisations approach human and machine identities. While 53% of organisations define privileged users as human exclusively, 46% broaden the definition to cover any identities with sensitive access, whether human or machine. This mismatch highlights a key vulnerability in identity security solutions, emphasising the necessity for a unified strategy.
AI’s role in cyber defense
The report also focuses on AI's dual function in cybersecurity. Nearly every organisation (99%) is using AI-powered solutions to strengthen their defences. However, attackers employ the same technologies to increase the sophistication of their attacks.
Notably, 93% of respondents believe that AI-powered goods will create new security risks in the coming year. Despite these concerns, 84% of security professionals are confident that their employees can detect deepfakes in organisational leadership, demonstrating greater awareness and training in organisations.
Conclusion
The findings of the CyberArk research serve as a sharp reminder of the changing threat landscape and the vital role of strong identity safety measures.
As organisations expand their digital footprints, a paradigm shift towards a more integrated and robust cybersecurity design is needed. Organisations can better safeguard themselves against the ever-expanding range of digital threats by prioritising identity security in their strategy.