An overwhelming 95% of APJ organisations had two or more identity-related breaches in the past year, according to the CyberArk 2024 Identity Security Threat Landscape Report.
Vincent Goh, president and general manager of Asia Pacific and Japan, CyberArk, said, "A majority (95%) of APJ organisations experienced identity-related breaches in the past year, partly due to inadequate security controls for machine identities compared to human ones. Machine identities will continue to expand the attack surface for cyber adversaries, especially with the acceleration in AI adoption."
Machine identity security
The report found that APJ organisations expect identities to grow an average of 2.6x in the next 12 months. Moreover, most (62%) of APJ organisations define a privileged user as human-only, and only 38% define all human and machine identities with sensitive access as privileged users.
AI vs AI
The report warns that the volume and sophistication of identity-related attacks will increase. Significantly, all organisations in the region have embraced AI-powered tools as part of their cyber defences, a move that could potentially create cyber risk for 96% of them in the coming year.
Around 70% are confident that their employees can identify deepfakes of their organisational leadership.
Further, the report revealed that most (95%) of APJ organisations had been victims of a successful identity-related breach due to a phishing or vishing attack. In comparison, 92% of APJ organisations faced successful ransomware attacks.
Holistic cybersecurity strategy
In light of these alarming statistics, Goh strongly advocates for APJ organisations to embrace a comprehensive cybersecurity strategy that safeguards both human and machine identities. This, he asserts, is the most effective way to fortify their defenses against the escalating threat of cyber attacks.
