A significant majority (98%) of Hong Kong organisations had two or more identity-related breaches in the past year, according to CyberArk's new global research, "2024 Identity Security Threat Landscape Report".
Regarding the finding, Sandy Lau, district manager of Hong Kong and Macau, CyberArk, said this is "partly due to the inadequate security controls for machine identities compared to human ones. Machine identities will continue to expand the attack surface for cyber adversaries, especially with the acceleration in AI adoption."
Machine identities
More than half (51%) of Hong Kong organisations report that more than half of their machine identities, or even the majority, are accessing sensitive data. Further, 41% of Hong Kong organisations expect identities to grow 2x in the next 12 months. Only 37% of Hong Kong organisations define all human and machine identities with sensitive access as privileged users.
AI and complacency
Hong Kong organisations have adoptedAI-powered tools to strengthen their cyber defenses (99%), expect AI-powered tools to create cyber risk for their organisation in the coming year (97%), and are confident that their employees can identify deepfakes of their organisational leadership (60%).
The report also found that most (96%) of Hong Kong organisations have been victims of a successful identity-related breach due to a phishing or vishing attack.
Lau urges organisations in Hong Kong "to adopt a holistic cybersecurity strategy to secure both human and machine identities to effectively defend themselves against cyber attacks."
