Expansion of Machine Identities Increases Organisations' Exposure to Cyberattacks
In a recent report by CyberArk, the state of machine identity security in Australia has come under the spotlight. The findings reveal a growing concern as the volume and complexity of machine identities increase, with nearly half of security leaders reporting security incidents or breaches linked to compromised machine identities in the last year.
One of the significant issues highlighted is the prevalence of SSL/TLS certificate-related breaches, with 45% of the incidents reported being caused by these certificates. Expired certificates leading to service disruptions and outages is a significant concern for 39% of security leaders in Australia.
The report indicates that the number of machine identities in Australian organizations is expected to increase. Over two-thirds (73%) predict growth by up to 50%, and 81% of security leaders anticipate an increase. This growth, coupled with the complexity of machine identities, is causing organizations to struggle, leading to siloed approaches that create additional risks.
The frequency of certificate-related outages in Australia has increased significantly. Sixty-nine percent of respondents have experienced at least one in the past year, with 63% experiencing them monthly and 33% weekly. Nearly half of organizations that suffered a certificate-related outage experienced significant business impact due to an expired TLS certificate.
The report highlights the substantial business impacts of not securing machine identities effectively, leaving organizations vulnerable to costly outages and breaches. In fact, the siloed approach to securing machine identities in Australian organizations creates inefficiencies, risk, and management challenges.
AI systems are becoming a growing target for cyberattacks, and 76% of security leaders believe machine identity security will play a vital role in securing the future of AI. Securing AI models from manipulation and theft means putting greater emphasis on the need for machine identity authentication and authorisation, according to 77% of security leaders.
Despite these concerns, the report shows that the majority of Australian organizations have some form of machine identity security program, but many are still immature. The lack of a cohesive machine identity security strategy is the biggest concern for 39% of respondents. Responsibilities for preventing machine identity-related compromises are split among security (54%), development (24%), and platform (12%) teams in Australian organizations.
Less than half of Australian organizations have a dedicated machine identity security program, which is below the global average. The inability to quickly find and revoke compromised identities is a concern for 37% of security leaders in Australia.
In conclusion, the 2025 State of Machine Identity Report underscores the urgent need for Australian organizations to strengthen their machine identity security measures. As the adoption of AI and cloud native innovations continues to grow, so too will the proliferation of machine identities. It is essential for organizations to invest in mature machine identity security programs to protect against costly outages and breaches.
Read also:
- Understanding Hemorrhagic Gastroenteritis: Key Facts
- Stopping Osteoporosis Treatment: Timeline Considerations
- Trump's Policies: Tariffs, AI, Surveillance, and Possible Martial Law
- Expanded Community Health Involvement by CK Birla Hospitals, Jaipur, Maintained Through Consistent Outreach Programs Across Rajasthan
