What AI and Cloud Are Doing to Identity Security?

CyberArk has released its latest 2025 Identity Security Landscape report. It sheds light on how the widespread adoption of AI and the cloud is expanding the identity attack for enterprises. This is a global study that shows a troubling trend where organizations are losing track of the machine identities that now far outnumber human ones, many of whom have sensitive or privileged access. Here’s everything you need to know about:

Machine Identities Outpace Human Ones

If we go by the report, there are now 82 machine identities for every human identity in organizations. Despite this shift, 88% of organizations still define a “privileged user” as a human only. This is a critical gap, given that 42% of machine identities also have privileged or sensitive access.

Furthermore, the report states that 58% of organizations don’t have identity security controls in place to protect their cloud infrastructure and workloads, where many of these machine identities operate.

Identity-Centric Breaches Are Widespread

CyberArk also found that 76% of organizations experienced at least two successful identity-centric breaches in the past year. It included phishing, vishing, deepfake-driven fraud, compromised privileged access, and third-party identity theft.

AI Adoption Accelerates Identity Risks

The report also talks about the risks associated with the growing adoption of AI. As more and more organizations are adopting agentic AI and large language models (LLMs), identity risks are also increasing with equal growth. AI-driven processes are expected to create the largest volume of new privileged identities in 2025.

However, it was mentioned that currently, 68% of organizations lack identity security controls tailored for AI, and 37% cannot secure unauthorized or “shadow” AI tools within their environments. Apart from that, concerns about manipulation and sensitive data access are the key barriers to adopting AI agents.

Identity Silos and Complexity Hindering Cyber Resilience

The report also points to broader structural issues. Fragmented identity security programs and siloed data are making it harder for organizations to stay resilient against modern cyber threats.

For example, 68% of Indian respondents said identity silos are a key source of cybersecurity risk. Meanwhile, 77% of security professionals in India believe their organizations prioritize business efficiency over cybersecurity. At the same time, 88% are facing growing pressure from insurers to implement stronger privilege controls.

The rapid adoption of AI in India’s dynamic business environment has introduced complex challenges when it comes to managing machine identities and their privileged access. As AI-driven processes gain momentum, security leaders in India must rethink their identity security strategies to address the growing risk of unmanaged identities, both human and machine. Modernizing these strategies is essential to protecting critical data, ensuring compliance, and mitigating the growing threat landscape.
Rohan Vaidya, Area Vice President, SAARC & India, CyberArk

The 2025 Identity Security Landscape report was conducted by Vanson Bourne among 2,600 cybersecurity decision-makers. Participants came from 18 countries across sectors, all representing organizations with 500 or more employees.

Keval Vachharajani
Reporter
- LinkedIn
Keval Vachharajani is a seasoned business tech journalist with over five years of experience covering technology for renowned publications. Now, he brings his expertise to the dynamic world of B2B. At Geekflare, Keval focuses on uncovering the latest developments in SaaS, delivering in-depth news, analysis, and insights to empower businesses and professionals.