CyberArk Report Reveals 93% of Indian Organizations Experience Multiple Identity-Related Breaches

CyberArk Report Reveals 93% of Indian Organizations Experience Multiple Identity-Related Breaches

CyberArk released a new global research report that shows how siloed approaches to securing human and machine identities are driving identity-based attacks across enterprises and their ecosystems. The CyberArk 2024 Identity Security Threat Landscape Report provides unique perspectives on how Artificial Intelligence (AI) boosts cyber defenses as well as attacker capabilities; increases the pace at which identities are created in new and complex environments; and highlights the scale of identity-related breaches affecting organisations.

Cyber Risk Rises as Machine Identity Security Treated Differently to Humans

While the quantity of both human and machine identities is growing quickly, the report found that security professionals rate machines as the riskiest identity type. In part due to widespread adoption of multi-cloud strategies and growing utilisation of AI-related programs like Large Language Models, machine identities are being created in vast numbers. Many of these identities require sensitive or privileged access. However, contrary to how human access to sensitive data is managed, machine identities often lack identity security controls, and therefore represent a widespread and potent threat vector ready to be exploited.

  • 93% of Indian organisations had two or more identity-related breaches in the past year.

  • Machine identities are the #1 cause of identity growth and are considered by respondents to be the riskiest identity type.

  • 50% of organisations expect identities to grow 3x in the next 12 months (average: 2.4x).

  • 53% of organisations define a privileged user as human-only. 46% of organisations define all human and machine identities with sensitive access as privileged users.

  • In the next 12 months, 83% of organisations will use three or more Cloud Service Providers (CSPs).

Widespread Use of AI to Battle AI and Complacency Takes Hold

Consistent with our 2023 report, the 2024 Threat Landscape Report found that nearly all (99%) of organisations are using AI in cybersecurity defense initiatives. Furthermore, the report predicts an increase in the volume and sophistication of identity-related attacks, as skilled and unskilled bad actors also increase their capabilities, including AI-powered malware and phishing. In related findings, counter to expectations, the majority of respondents are confident that deepfakes targeting their organisation won’t fool their employees.

  • 99% of organizations have adopted AI-powered tools as part of their cyber defenses.

  • 93% of respondents expect AI-powered tools to create cyber risk for their organisation in the coming year. 

  • 84% are confident that their employees can identify deepfakes of their organisational leadership.

  • 88% organisations have been a victim of a successful identity-related breach due to a phishing or vishing attack. 

"In today’s digital age, where identities proliferate at an unprecedented pace, machine identities are the silent players of our systems, serving as the cornerstone of innovation while being the weak link of security,” said Rohan Vaidya, Area Vice President, India & SAARC at CyberArk. “As we navigate this landscape, the CyberArk 2024 Identity Security Threat Landscape Report illuminates the urgent need to bridge the gap between human and machine identity security. With 93% of Indian organisations experiencing multiple identity-related breaches in the past year alone, it is evident that identity protection is the need of the hour. The reliance on AI in cyber defense becomes not just a strategic advantage but a necessity in combating AI-driven threats. In this era of increasing cyber risk, it is imperative that we unify our defenses, harnessing the power of AI while nurturing a culture of vigilance to safeguard against the ever-evolving threats to our digital identities,” he added.

“Digital initiatives to drive organisations forward inevitably create a plethora of human and machine identities, many of which have sensitive access and all of which must have identity security controls applied to them in order to guard against identity-centric breaches,” said Matt Cohen, Chief Executive Officer, CyberArk. “The report shows that identity breaches have affected nearly all organisations - multiple times in nearly all cases – and demonstrates that siloed, legacy solutions are ineffective at solving today’s problems. To stay ahead a paradigm shift is required, where resilience is built around a new cybersecurity model that places identity security at its core.”

𝐒𝐭𝐚𝐲 𝐢𝐧𝐟𝐨𝐫𝐦𝐞𝐝 𝐰𝐢𝐭𝐡 𝐨𝐮𝐫 𝐥𝐚𝐭𝐞𝐬𝐭 𝐮𝐩𝐝𝐚𝐭𝐞𝐬 𝐛𝐲 𝐣𝐨𝐢𝐧𝐢𝐧𝐠 𝐭𝐡𝐞 WhatsApp Channel now! 👈📲

𝑭𝒐𝒍𝒍𝒐𝒘 𝑶𝒖𝒓 𝑺𝒐𝒄𝒊𝒂𝒍 𝑴𝒆𝒅𝒊𝒂 𝑷𝒂𝒈𝒆𝐬 👉 FacebookLinkedInTwitterInstagram

Related Stories

No stories found.