Virtualization Technology News and Information
Article
Search:
RSS
Follow VMblog.com:
Improve end user experience in VDI, DaaS and physical endpoint environments
New CyberArk Research: Rapid Growth of Machine Identities, AI Adoption and Cloud Native Innovations Leave Organizations More Vulnerable to Attacks

CyberArk released its 2025 State of Machine Identity Security Report, revealing that machine identity-related security incidents are on the rise, as the volume and complexity of machine identities continue to multiply. Seventy-two percent of organizations have experienced at least one certificate-related outage in the past year, marking a significant increase compared to previous years. Additionally, 50% of security leaders reported security incidents or breaches due to compromised machine identities.

Machine identities-including certificates, keys, secrets and access tokens-are exploding amid the rise of artificial intelligence (AI) adoption, cloud native innovations and shorter machine identity lifespans. As a result, organizations are struggling to keep up and siloed approaches to securing machine identities creates its own risks. The report shows the substantial business impacts of not securing machine identities effectively, leaving organizations vulnerable to costly outages and breaches.

2025 State of Machine Identity Security Report Highlights

CyberArk surveyed more than 1,200 security leaders across multiple countries. Key findings from the research include:

  • Frequency of outages surges dramatically - Nearly three-quarters (72%) of respondents have suffered at least one certificate-related outage in the past year, with 67% experiencing outages monthly and 45% weekly. This marks a substantial jump from 2022, when 26% reported outages monthly and only 12% weekly.

  • Machine identity-related compromises have substantial business impacts - Half (50%) of security leaders reported security incidents or breaches linked to compromised machine identities in the last year, which led to delays in application launches (51%), outages impacting customer experience (44%) and unauthorized access to sensitive data or networks (43%).

  • Machine identity growth continues at pace - Machine identities outnumber human identities by an overwhelming margin and continue to grow quickly. Seventy-nine percent of security leaders anticipate the number of machine identities in their organization to increase, by as much as 150% over the next year.

  • AI looms large on the machine identity threat horizon - As AI systems become a growing target for cyberattacks, 81% of security leaders believe machine identity security will play a vital role in securing the future of AI. Seventy-nine percent say securing AI models from manipulation and theft means putting greater emphasis on the need for machine identity authentication and authorization.

  • Machine identity security programs lack maturity - While 92% of security leaders report some form of machine identity security program, many of these programs lack maturity. Respondents reveal the lack of a cohesive machine identity security strategy as their biggest concern (42%), followed by challenges adapting to shorter machine identity lifecycles (37%) and the possibility of adversaries exploiting stolen machine identities (37%).

  • Siloed approach to securing machine identities creates risk - Where multiple tools to secure machine identities exist within organizations, inefficiencies, risk and management challenges are created. For example, responsibilities for preventing machine identity-related compromises were found to be split among security (53%), development (28%) and platform (14%) teams.

"Machine identities of all kinds will continue to skyrocket over the next year, bringing not only greater complexity but also increased risks," said Kurt Sand, GM of Machine Identity Security at CyberArk. "Cybercriminals are increasingly targeting machine identities - from API keys to code signing certificates - to exploit vulnerabilities, compromise systems and disrupt critical infrastructure, leaving even the most advanced businesses dangerously exposed. This research highlights the urgency for security leaders to establish a comprehensive, end-to-end machine identity security strategy that tackles the non-human identities that matter most to prevent potential attacks and outages-especially as AI agents continue to rise and the quantum attack timeline shortens."

To read the full report and access additional findings, please visit https://www.cyberark.com/2025-state-of-machine-identity-security-report/.

Published Thursday, March 13, 2025 8:21 AM by David Marshall
Filed under: ,
Get This Featured White Paper: Unmasking the Top 5 End-User Computing (EUC) Challenges
You may also be interested in this white paper: EMA Radar Report - AIOps: A Guide to Investing in Innovation
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Datacenter
Global Digital
haf
DTX
DTW-NA
innovatrix
Economist Impact
GISEC
IPS MP
global-digital-cx
vExpert
Calendar
<March 2025>
SuMoTuWeThFrSa
2324252627281
2345678
9101112131415
16171819202122
23242526272829
303112345