- Pro
- Security
It’s not entirely bad news
Comments (0) ()When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
(Image credit: AI)
- Non-human identities outnumber humans 82-to-1, new report claims
- Security teams are focusing on identity security
- Attack vectors remain unchanged, and that’s a good thing
New research from Rubrik Zero Labs has claimed AI agents in the workplace are creating a surge of ‘non-human identities’, which are now outnumbering human users 82-to-1.
This growth comes as 90% of global leaders cite identity attacks as their top cybersecurity concern – as non-human identities are expanding the attack surface faster than security teams can keep up with.
- Amazon Black Friday deals are live: here are our picks!
“Managing identities in the era of AI has become a complex endeavor, especially with the labyrinth of NHIs,” company Chief Transformation Officer Kavitha Mariappan highlighted.
You may like-
The new identity paradigm must be hybrid, not just human
-
Major AI agents are being spoofed - and it could put your site at risk
-
“Everybody's under pressure to do more with less” - Why Okta says you need an AI agent governance strategy, and sooner rather than later
AI agents, or non-human identities, are creating new weak points
The risks aren’t going unnoticed, though, with 89% of organizations planning to hire staff dedicated specifically to identity security in the next year. Furthermore, 87% plan to change their IAM provider, with 58% citing security concerns as their main reason for switching.
Security experts worry it could be too little too late, though, with 89% having already incorporated AI agents into their identity infrastructure and another 10% planning to do so.
Three in five (58%) security leaders now expect at least half of next year’s cyberattacks to be driven by agentic AI, and only 28% believe they’d fully recover from a cyber incident within 12 hours (down 15 percentage points in one year).
More alarmingly, 89% of ransomware victims agreed to pay the ransom to recover from, or stop, the attack.
Are you a pro? Subscribe to our newsletterContact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.Despite an evolving landscape, common attack vectors aren’t changing. Four in five (79%) CrowdStrike detections didn’t involve malware – just the attacker logging in. Social engineering remains a key vector, with 86% of basic web app attacks today relying on stolen credentials, and non-human identities can be just as susceptible to deceit.
Social engineering (24%), legitimate credential compromise (21%), forged authentication tokens (20%) and MFA bypass (17%) are among the most popular, but that’s a good thing.
With this in mind, all security leaders need to do is tweak how they protect emerging tools from the same old threats.
So despite the surge in non-human identities, security teams aren’t actually faced with new challenges, just more systems to lock down.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
TOPICS AI
Craig HaleWith several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
Logout Read more
The new identity paradigm must be hybrid, not just human
Major AI agents are being spoofed - and it could put your site at risk
“Everybody's under pressure to do more with less” - Why Okta says you need an AI agent governance strategy, and sooner rather than later
Hackers are stealing the keys and walking through the front door, and AI is helping them turn the handle
Gen AI is becoming a major security worry for all firms - here's how your business can stay safe
"AI security is identity security" - how Okta is weaving agents into the security fabric
Latest in Security
Gaming and gambling giant IGT reportedly hit by ransomware - here's what we know
China’s PlushDaemon group uses EdgeStepper implant to infect network devices with SlowStepper malware in global supply-chain attacks
Perplexity's Comet AI browser may have some concerning security flaws which could let hacker hijack your device
WordPress plugin with over a million installs may have a worrying security flaw - here's what we know
Fortinet admits it found another worrying zero-day being exploited in attacks
Trump administration wants to use federal power to challenge state AI laws
Latest in News
AI agents are fuelling an identity and security crisis for organizations
Upgrading tech could help UK businesses offset time lost on sick leave
HBO boss confirms release window delay for the DCU's Lanterns TV show
Android and iPhones call a truce – Quick Share now works with Apple's AirDrop
Twitch introduces facial age scans in the UK despite privacy concerns
How to watch 7Plus from anywhere – get the Ashes 25/26 livestream
LATEST ARTICLES- 1AI agents are fuelling an identity and security crisis for organizations
- 2HBO boss confirms release window delay for the DCU's Lanterns TV show
- 3Upgrading tech could help UK businesses offset time lost on sick leave
- 4Study Mode in ChatGPT doesn’t just give you the answer
- 5This $1 VPN just dropped a 90% off deal for Black Friday - here's how to grab yours
.png?width=1200&auto=webp&trim=0%2C115%2C0%2C85)