The 2025 Identity Security Landscape Report by CyberArk confirms what many security leaders have suspected: the explosive combination of AI, proliferation of machine identities, and identity silos is raising business risks to unprecedented levels. Based on responses from 2,600 security professionals across 20 countries, the report paints a picture where 9 out of 10 organizations experienced at least one identity breach in the past year.
The “AI Triad”: Attacker, Defender, and Identity Risk
AI is no longer just a tool to detect vulnerabilities or automate defenses. It has also become a weapon in the hands of attackers. According to the report, 94% of organizations use AI to strengthen identity strategies, yet cybercriminals have taken the lead with faster, more sophisticated attacks that are harder to detect.
- AI-powered Phishing: nine out of ten companies report successful incidents, often amplified by campaigns utilizing voice deepfakes or contextual emails indistinguishable from legitimate ones.
- Shadow AI: 47% of organizations admit they cannot secure all AI tools used internally.
- Uncontrolled Privileges: AI will be the Main generator of new privileged access identities by 2025.
The case in Italy, where scammers used the Defense Minister’s voice to deceive businesspeople and orchestrate a transfer of €1 million, illustrates how digital identity manipulation can cross the line from technical attack to human deception.
The Rise of Machine Identities
Non-human identities (bots, service accounts, automated processes, cloud workloads, AI agents) now outnumber human identities by 82 to 1. In sectors like finance, the ratio climbs to 96:1.
- 42% of these identities have access to sensitive data, compared to 37% of human users.
- However, 88% of respondents still define “privileged user” solely as a human, overlooking the risk posed by machines and autonomous agents.
- The 59% of security leaders believe the proliferation of machine identities will be the biggest driver of account growth in the next 12 months.
This conceptual gap is critical: each poorly managed machine identity can become a perpetual access point for attackers.
Identity Silos: The Internal Threat
The report highlights that 70% of organizations view identity silos as a root cause of risk. With hybrid environments, legacy systems, and the adoption of multiple cloud stacks, visibility fragments:
- 49% of companies lack full visibility of permissions and roles in their cloud.
- Fewer than 40% have implemented robust controls for critical infrastructure such as DevOps, AI/LLMs, or service accounts.
- Insurers are beginning to react: 88% of respondents say they now face stricter privilege controls required to renew cyber insurance policies.
Regulatory and Geopolitical Pressures
The report also points to the influence of regulatory frameworks and international tensions:
- The European Union advances with its AI Act, which will require companies to document and audit their AI models.
- In Australia, the Cyber Security Act 2024 already sets precedents for strict regulation of machine identities.
- Meanwhile, state-sponsored attacks (such as the theft of $1.5 billion in cryptocurrency from ByBit or intrusions into the US Treasury attributed to Chinese hackers) highlight the role of identity in cyber geopolitics.
Strategic Priorities for 2025
87% of respondents experienced at least two successful identity breaches in 2024, yet only 32% have implemented controls specific to AI. To address this imbalance, priorities for 2025 include:
- Application-based security controls (47%).
- Enhanced Privileged Access Management (PAM) (35%).
- Identity Governance and Administration (IGA) (32%).
- Machine identity management with dynamic secret rotation, automated certificates, and role-based access controls.
Final Reflection
The report ends with a clear message: identity is the epicenter of security in 2025. With AI creating new opportunities and threats simultaneously, the challenge is to consolidate tools, break down silos, and treat every identity — human or machine — as a potential gateway.
As Clarence Hinton, CyberArk’s Chief Strategy Officer, summarizes:
“The same AI that protects can also attack. We have invented the ship, but also the shipwreck. The only way to resist is to modernize our identity strategy and govern every privileged identity.”
Frequently Asked Questions (FAQ)
What is a machine identity and why is it so dangerous?
They are non-human accounts (bots, cloud workloads, AI agents) used to authenticate processes. They are risky because they often have privileged access that remains invisible to security teams.
What is “shadow AI”?
Use of AI tools that are unapproved or unmanaged by IT, which can expose sensitive data without the company’s control or even awareness.
How do identity silos affect security?
They fragment visibility over permissions and roles, make anomaly detection harder, and increase insurance costs by raising breach risks.
What measures does CyberArk recommend for 2025?
Implement stricter privilege controls, redefine “privileged user” to include machines, consolidate identity tools, and secure the AI agent lifecycle with protocols like MCPs.
via: cyberark