Indian Firms Prioritising Speed Over Security as AI and Machine Identities Surge: Report

Cyberark has announced the release of the 2025 Identity Security Landscape, a global study revealing how organisations are inadvertently creating a new identity-centric attack surface through growing use of AI and cloud.

The report shows that machine identities are mostly unknown and uncontrolled within organisations, while the primary roadblocks to Agentic AI adoption involve security concerns around external manipulation and sensitive access, signposting the emergence of a new and potent identity security challenge.

2025 Identity Security Landscape Highlights

‘Rise of the machines’ contributes to unsecured privilege sprawl: Machine identities, driven primarily by cloud and AI, now vastly outnumber human identities within organisations and nearly half have sensitive or privileged access. However, many enterprises leave both human and machine access to critical systems under-secured. 

• There are 82 machine identities for every human in organisations worldwide.
• In eighty eight percent of organisations, the definition of a ‘privileged user’ applies solely to human identities – but forty two percent of machine identities have privileged or sensitive access.
• Fifty eight percent do not have identity security controls in place to secure cloud infrastructure and workloads.
• Seventy six percent of organisations experienced at least two successful identity-centric breaches in the past 12 months, ranging from phishing and vishing attacks including deepfakes, compromised privileged access to identity and third-party identity theft.

AI is everywhere and identity-centric agentic AI risk looms:

Sanctioned and unsanctioned adoption of AI and large language models (LLMs) is simultaneously transforming organisations while amplifying cybersecurity risks. Concerns around the emergence of AI agents and their privileged access underscores the urgency for targeted identity security investment.

• AI will drive the creation of the greatest number of new identities with privileged and sensitive access in 2025.
• Sixty eight percent of organisations lack identity security controls for AI.
• Thirty seven percent cannot secure shadow AI usage in their organisation.
• AI agent adoption roadblocks include manipulation and sensitive access concerns.

Complexity and identity silos are overwhelming security leaders and undermining business resilience: 

Fragmented identity security programs and poor environmental visibility are diminishing resilience in the face of evolving cybersecurity threats. Most organisations face increased privilege-related compliance pressure.

• Sixty eight percent of Indian respondents say identity silos are a root cause of organisational cybersecurity risk.
• Seventy seven percent of Indian security professionals agree that their organisations prioritize business efficiencies over robust cybersecurity.
• Human and machine identities – many of them with privileged access – are expected to double in 2025.
• Eighty five percent of Indian organisations are under increased pressure from insurers mandating enhanced privilege controls.

“The rapid adoption of AI in India’s dynamic business environment has introduced complex challenges when it comes to managing machine identities and their privileged access. As AI-driven processes gain momentum, security leaders in India must rethink their identity security strategies to address the growing risk of unmanaged identities, both human and machine. Modernizing these strategies is essential to protecting critical data, ensuring compliance, and mitigating the growing threat landscape," Rohan Vaidya, Area Vice President, SAARC & India, CyberArk, said.

The 2025 Identity Security Landscape was conducted across private and public sector organisations of 500 employees and above. It was conducted by market researchers Vanson Bourne amongst 2,600 cybersecurity decision makers.

Respondents were based in Brazil, Canada, Mexico, US, France, Germany, Italy, the Netherlands, Spain, UK, UAE, Saudi Arabia, South Africa, Australia, India, Hong Kong, Israel, Japan, Singapore and Taiwan.