Report: 93% Of Organizations Had Two or More Identity-Related Breaches in the Past Year
May 16 2024 - 1:30PM
Business Wire
- Machine identities are the #1 driver of identity growth
- Only 38% of organizations define all human and machine
identities with sensitive access as privileged users
- 70%+ of security professionals are confident that their
employees can identify deepfakes of their organizational
leadership
CyberArk (NASDAQ: CYBR), the identity
security company, today released a new global research report
that shows how siloed approaches to securing human and machine
identities are driving identity-based attacks across enterprises
and their ecosystems. The CyberArk 2024 Identity Security Threat
Landscape Report provides unique perspectives on how Artificial
Intelligence (AI) boosts cyber defenses as well as attacker
capabilities; increases the pace at which identities are created in
new and complex environments; and highlights the scale of
identity-related breaches affecting organizations.
This press release features multimedia. View
the full release here:
https://www.businesswire.com/news/home/20240516898054/en/
The CyberArk Identity Security Threat
Landscape 2024 Report (Graphic: Business Wire)
Cyber Risk Rises as Machine Identity Security Treated
Differently to Humans
While the quantity of both human and machine identities is
growing quickly, the report found that security professionals rate
machines as the riskiest identity type. In part due to widespread
adoption of multi-cloud strategies and growing utilization of
AI-related programs like Large Language Models, machine identities
are being created in vast numbers. Many of these identities require
sensitive or privileged access. However, contrary to how human
access to sensitive data is managed, machine identities often lack
identity security controls, and therefore represent a widespread
and potent threat vector ready to be exploited.
- 93% of organizations had two or more identity-related breaches
in the past year.
- Machine identities are the #1 cause of identity growth and are
considered by respondents to be the riskiest identity type.
- 50% of organizations expect identities to grow 3x in the next
12 months (average: 2.4x).
- 61% of organizations define a privileged user as human-only.
Only 38% of organizations define all human and machine identities
with sensitive access as privileged users.
- In the next 12 months, 84% of organizations will use three or
more Cloud Service Providers (CSPs).
Widespread Use of AI to Battle AI and Complacency Takes
Hold
Consistent with our 2023 report, the 2024 Threat Landscape
Report found that nearly all (99%) of organizations are using AI in
cybersecurity defense initiatives. Furthermore, the report predicts
an increase in the volume and sophistication of identity-related
attacks, as skilled and unskilled bad actors also increase their
capabilities, including AI-powered malware and phishing. In related
findings, counter to expectations, the majority of respondents are
confident that deepfakes targeting their organization won’t fool
their employees.
- 99% of organizations have adopted AI-powered tools as part of
their cyber defenses.
- 93% of respondents expect AI-powered tools to create cyber risk
for their organization in the coming year.
- 70%+ are confident that their employees can identify deepfakes
of their organizational leadership.
- Nine out of 10 organizations have been a victim of a successful
identity-related breach due to a phishing or vishing attack.
“Digital initiatives to drive organizations forward inevitably
create a plethora of human and machine identities, many of which
have sensitive access and all of which must have identity security
controls applied to them in order to guard against identity-centric
breaches,” said Matt Cohen, chief executive officer, CyberArk. “The
report shows that identity breaches have affected nearly all
organizations - multiple times in nearly all cases – and
demonstrates that siloed, legacy solutions are ineffective at
solving today’s problems. To stay ahead a paradigm shift is
required, where resilience is built around a new cybersecurity
model that places identity security at its core.”
Read the full report for further insight on what is behind human
and machine identity growth, where related cyber risk lies and how
AI is being used in cyber defenses. The report also details the
consequences firms are facing from identity-centric cyber breaches
and recommends methods of ensuring security practices keep up with
wider organizational initiatives to reduce cybersecurity debt.
About the Report
The CyberArk 2024 Identity Security Threat Landscape Report was
conducted across private and public sector organizations of 500
employees and above. It was conducted by market researchers Vanson
Bourne amongst 2,400 cybersecurity decision makers. Respondents
were based in Brazil, Canada, Mexico, US, France, Germany, Italy,
the Netherlands, Spain, UK, UAE, Australia, India, Hong Kong,
Israel, Japan, Singapore and Taiwan.
About CyberArk
CyberArk (NASDAQ: CYBR) is the global leader in identity
security. Centered on intelligent privilege controls, CyberArk
provides the most comprehensive security offering for any identity
– human or machine – across business applications, distributed
workforces, hybrid cloud environments and throughout the DevOps
lifecycle. The world’s leading organizations trust CyberArk to help
secure their most critical assets. To learn more about CyberArk,
visit https://www.cyberark.com, read the CyberArk blogs or follow
on LinkedIn, X, Facebook or YouTube.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20240516898054/en/
Media: Carissa Ryan Press@cyberark.com
Investors: Erica Smith IR@cyberark.com
CyberArk Software (NASDAQ:CYBR)
Historical Stock Chart
From Apr 2024 to May 2024
CyberArk Software (NASDAQ:CYBR)
Historical Stock Chart
From May 2023 to May 2024