advertisement
CyberArk Releases Its 2024 Identity Security Report
Identity security company, CyberArk, has released a new global research report that shows how siloed approaches to securing human and machine identities are driving identity-based attacks across enterprises and their ecosystems.
The ‘ÇyberArk 2024 Identity Security Threat Landscape Report’ provides perspectives on how Artificial Intelligence (AI) boosts cyber defenses as well as attacker capabilities; increases the pace at which identities are created in new and complex environments; and highlights the scale of identity-related breaches affecting organizations.
While the quantity of both human and machine identities is growing quickly, the report found that security professionals rate machines as the riskiest identity type. In part due to widespread adoption of multi-cloud strategies and growing utilization of AI-related programs like Large Language Models, machine identities are being created in vast numbers. Many of these identities require sensitive or privileged access. However, contrary to how human access to sensitive data is managed, machine identities often lack identity security controls, and therefore represent a widespread and potent threat vector ready to be exploited.
advertisement
Consistent with CyberArk’s 2023 report, the 2024 Threat Landscape Report found that nearly all (99 percent) of organizations are using AI in cybersecurity defense initiatives. Furthermore, the report predicts an increase in the volume and sophistication of identity-related attacks, as skilled and unskilled bad actors also increase their capabilities, including AI-powered malware and phishing. In related findings, counter to expectations, the majority of respondents are confident that deepfakes targeting their organization won’t fool their employees.
“Digital initiatives to drive organizations forward inevitably create a plethora of human and machine identities, many of which have sensitive access and all of which must have identity security controls applied to them in order to guard against identity-centric breaches,” said Matt Cohen, chief executive officer, CyberArk.
“The report shows that identity breaches have affected nearly all organizations – multiple times in nearly all cases – and demonstrates that siloed, legacy solutions are ineffective at solving today’s problems. To stay ahead a paradigm shift is required, where resilience is built around a new cybersecurity model that places identity security at its core,” Cohen further remarked.
advertisement
The report also details the consequences firms are facing from identity-centric cyber breaches and recommends methods of ensuring security practices keep up with wider organizational initiatives to reduce cybersecurity debt.