New CyberArk Research: Rapid Growth of Machine Identities, AI Adoption and Cloud Native Innovations Leave Organizations More Vulnerable to Attacks
CyberArk (NASDAQ: CYBR) has released its 2025 State of Machine Identity Security Report, revealing significant challenges in machine identity security. The study, surveying over 1,200 security leaders, shows that 72% of organizations experienced certificate-related outages in the past year, with 67% facing monthly outages and 45% weekly outages.
The report highlights that 50% of security leaders reported security incidents due to compromised machine identities, leading to application launch delays (51%), customer experience impacts (44%), and unauthorized data access (43%). Machine identities are projected to increase by up to 150% over the next year, with 81% of security leaders viewing machine identity security as crucial for AI protection.
Key challenges include lack of cohesive security strategy (42%), adapting to shorter machine identity lifecycles (37%), and potential exploitation of stolen identities (37%). Responsibilities for security are split among security (53%), development (28%), and platform (14%) teams.
CyberArk (NASDAQ: CYBR) ha pubblicato il suo Rapporto sulla Sicurezza dell'Identità delle Macchine 2025, rivelando sfide significative nella sicurezza dell'identità delle macchine. Lo studio, che ha intervistato oltre 1.200 leader della sicurezza, mostra che il 72% delle organizzazioni ha subito interruzioni legate ai certificati nell'ultimo anno, con il 67% che ha affrontato interruzioni mensili e il 45% interruzioni settimanali.
Il rapporto evidenzia che il 50% dei leader della sicurezza ha segnalato incidenti di sicurezza a causa di identità delle macchine compromesse, portando a ritardi nel lancio delle applicazioni (51%), impatti sull'esperienza del cliente (44%) e accesso non autorizzato ai dati (43%). Si prevede che le identità delle macchine aumenteranno fino al 150% nel prossimo anno, con l'81% dei leader della sicurezza che considera la sicurezza dell'identità delle macchine cruciale per la protezione dell'IA.
Le principali sfide includono la mancanza di una strategia di sicurezza coesa (42%), l'adattamento a cicli di vita delle identità delle macchine più brevi (37%) e il potenziale sfruttamento delle identità rubate (37%). Le responsabilità per la sicurezza sono suddivise tra i team di sicurezza (53%), sviluppo (28%) e piattaforma (14%).
CyberArk (NASDAQ: CYBR) ha lanzado su Informe sobre el Estado de la Seguridad de la Identidad de las Máquinas 2025, revelando desafíos significativos en la seguridad de la identidad de las máquinas. El estudio, que encuestó a más de 1.200 líderes de seguridad, muestra que el 72% de las organizaciones experimentó interrupciones relacionadas con certificados en el último año, con el 67% enfrentando interrupciones mensuales y el 45% interrupciones semanales.
El informe destaca que el 50% de los líderes de seguridad reportaron incidentes de seguridad debido a identidades de máquinas comprometidas, lo que llevó a retrasos en el lanzamiento de aplicaciones (51%), impactos en la experiencia del cliente (44%) y acceso no autorizado a datos (43%). Se prevé que las identidades de máquinas aumenten hasta un 150% en el próximo año, con el 81% de los líderes de seguridad considerando la seguridad de la identidad de las máquinas como crucial para la protección de la IA.
Los principales desafíos incluyen la falta de una estrategia de seguridad cohesiva (42%), la adaptación a ciclos de vida de identidad de máquina más cortos (37%) y la posible explotación de identidades robadas (37%). Las responsabilidades de seguridad se dividen entre los equipos de seguridad (53%), desarrollo (28%) y plataforma (14%).
CyberArk (NASDAQ: CYBR)는 2025년 기계 신원 보안 상태 보고서를 발표하며 기계 신원 보안에서의 중대한 도전을 드러냈습니다. 1,200명 이상의 보안 리더를 대상으로 한 연구에 따르면, 72%의 조직이 지난 1년 동안 인증서 관련 중단을 경험했습니다, 67%는 월간 중단을, 45%는 주간 중단을 겪었습니다.
보고서는 50%의 보안 리더가 손상된 기계 신원으로 인한 보안 사건을 보고했다고 강조하며, 이는 애플리케이션 출시 지연(51%), 고객 경험 영향(44%), 무단 데이터 접근(43%)으로 이어졌습니다. 기계 신원은 내년까지 최대 150% 증가할 것으로 예상되며, 81%의 보안 리더가 기계 신원 보안을 AI 보호에 있어 필수적이라고 보고했습니다.
주요 도전 과제로는 응집력 있는 보안 전략 부족(42%), 짧아진 기계 신원 생애 주기에 대한 적응(37%), 도난당한 신원의 잠재적 악용(37%) 등이 포함됩니다. 보안 책임은 보안 팀(53%), 개발 팀(28%), 플랫폼 팀(14%) 간에 분배되어 있습니다.
CyberArk (NASDAQ: CYBR) a publié son Rapport sur l'État de la Sécurité de l'Identité des Machines 2025, révélant des défis significatifs en matière de sécurité de l'identité des machines. L'étude, qui a interrogé plus de 1 200 responsables de la sécurité, montre que 72% des organisations ont connu des interruptions liées aux certificats au cours de l'année passée, avec 67% faisant face à des interruptions mensuelles et 45% à des interruptions hebdomadaires.
Le rapport souligne que 50% des responsables de la sécurité ont signalé des incidents de sécurité dus à des identités de machines compromises, entraînant des retards dans le lancement d'applications (51%), des impacts sur l'expérience client (44%) et des accès non autorisés aux données (43%). On prévoit que les identités des machines augmenteront jusqu'à 150% au cours de l'année prochaine, avec 81% des responsables de la sécurité considérant la sécurité de l'identité des machines comme cruciale pour la protection de l'IA.
Les principaux défis incluent le manque d'une stratégie de sécurité cohérente (42%), l'adaptation à des cycles de vie des identités des machines plus courts (37%) et l'exploitation potentielle des identités volées (37%). Les responsabilités en matière de sécurité sont réparties entre les équipes de sécurité (53%), de développement (28%) et de plateforme (14%).
CyberArk (NASDAQ: CYBR) hat seinen Bericht über den Stand der Sicherheit von Maschinenidentitäten 2025 veröffentlicht, der erhebliche Herausforderungen in der Sicherheit von Maschinenidentitäten aufzeigt. Die Studie, die über 1.200 Sicherheitsverantwortliche befragte, zeigt, dass 72% der Organisationen im vergangenen Jahr unter ausfallbedingten Unterbrechungen aufgrund von Zertifikaten litten, wobei 67% monatliche und 45% wöchentliche Unterbrechungen erlebten.
Der Bericht hebt hervor, dass 50% der Sicherheitsverantwortlichen von Sicherheitsvorfällen berichteten, die durch kompromittierte Maschinenidentitäten verursacht wurden, was zu Verzögerungen beim Anwendungsstart (51%), Auswirkungen auf die Kundenerfahrung (44%) und unbefugtem Datenzugriff (43%) führte. Es wird prognostiziert, dass die Maschinenidentitäten im nächsten Jahr um bis zu 150% zunehmen werden, wobei 81% der Sicherheitsverantwortlichen die Sicherheit von Maschinenidentitäten als entscheidend für den Schutz von KI ansehen.
Wesentliche Herausforderungen sind der Mangel an einer kohärenten Sicherheitsstrategie (42%), die Anpassung an kürzere Lebenszyklen von Maschinenidentitäten (37%) und die potenzielle Ausnutzung gestohlener Identitäten (37%). Die Verantwortlichkeiten für die Sicherheit sind auf die Teams für Sicherheit (53%), Entwicklung (28%) und Plattform (14%) verteilt.
- 92% of organizations have implemented some form of machine identity security program
- Growing awareness of machine identity security importance for AI protection (81% of leaders)
- Clear identification of security challenges enabling targeted improvements
- 72% of organizations experienced certificate-related outages, with significant increase in frequency
- 50% reported security breaches from compromised machine identities
- Lack of cohesive machine identity security strategy in most organizations
- Split responsibilities between teams creating security management challenges
Machine identities—including certificates, keys, secrets and access tokens—are exploding amid the rise of artificial intelligence (AI) adoption, cloud native innovations and shorter machine identity lifespans. As a result, organizations are struggling to keep up and siloed approaches to securing machine identities creates its own risks. The report shows the substantial business impacts of not securing machine identities effectively, leaving organizations vulnerable to costly outages and breaches.
2025 State of Machine Identity Security Report Highlights
CyberArk surveyed more than 1,200 security leaders across multiple countries. Key findings from the research include:
-
Frequency of outages surges dramatically – Nearly three-quarters (
72% ) of respondents have suffered at least one certificate-related outage in the past year, with67% experiencing outages monthly and45% weekly. This marks a substantial jump from 2022, when26% reported outages monthly and only12% weekly.
-
Machine identity-related compromises have substantial business impacts – Half (
50% ) of security leaders reported security incidents or breaches linked to compromised machine identities in the last year, which led to delays in application launches (51% ), outages impacting customer experience (44% ) and unauthorized access to sensitive data or networks (43% ).
-
Machine identity growth continues at pace – Machine identities outnumber human identities by an overwhelming margin and continue to grow quickly. Seventy-nine percent of security leaders anticipate the number of machine identities in their organization to increase, by as much as
150% over the next year.
-
AI looms large on the machine identity threat horizon – As AI systems become a growing target for cyberattacks,
81% of security leaders believe machine identity security will play a vital role in securing the future of AI. Seventy-nine percent say securing AI models from manipulation and theft means putting greater emphasis on the need for machine identity authentication and authorization.
-
Machine identity security programs lack maturity – While
92% of security leaders report some form of machine identity security program, many of these programs lack maturity. Respondents reveal the lack of a cohesive machine identity security strategy as their biggest concern (42% ), followed by challenges adapting to shorter machine identity lifecycles (37% ) and the possibility of adversaries exploiting stolen machine identities (37% ).
-
Siloed approach to securing machine identities creates risk – Where multiple tools to secure machine identities exist within organizations, inefficiencies, risk and management challenges are created. For example, responsibilities for preventing machine identity-related compromises were found to be split among security (
53% ), development (28% ) and platform (14% ) teams.
“Machine identities of all kinds will continue to skyrocket over the next year, bringing not only greater complexity but also increased risks,” said Kurt Sand, GM of Machine Identity Security at CyberArk. “Cybercriminals are increasingly targeting machine identities – from API keys to code signing certificates – to exploit vulnerabilities, compromise systems and disrupt critical infrastructure, leaving even the most advanced businesses dangerously exposed. This research highlights the urgency for security leaders to establish a comprehensive, end-to-end machine identity security strategy that tackles the non-human identities that matter most to prevent potential attacks and outages—especially as AI agents continue to rise and the quantum attack timeline shortens.”
To read the full report and access additional findings, please visit https://www.cyberark.com/2025-state-of-machine-identity-security-report/.
Additional Resources:
1Research was conducted by Censuswide among a sample of 1,201 security and IT decision-makers in organizations with 500 or more employees across the
About CyberArk
CyberArk (NASDAQ: CYBR) is the global leader in identity security, trusted by organizations around the world to secure human and machine identities in the modern enterprise. CyberArk’s AI-powered Identity Security Platform applies intelligent privilege controls to every identity with continuous threat prevention, detection and response across the identity lifecycle. With CyberArk, organizations can reduce operational and security risks by enabling zero trust and least privilege with complete visibility, empowering all users and identities, including workforce, IT, developers and machines, to securely access any resource, located anywhere, from everywhere. Learn more at cyberark.com.
Copyright © 2025 CyberArk Software. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders.
View source version on businesswire.com: https://www.businesswire.com/news/home/20250313883089/en/
Investor Relations:
Srinivas Anantha, CFA
CyberArk
617-558-2132
ir@cyberark.com
Media:
Rachel
CyberArk
603-531-7229
press@cyberark.com
Source: CyberArk