CYBERSECURITY
The cybersecurity landscape is undergoing a dramatic shift. Bot accounts, service identities, APIs and automated processes now overwhelm corporate networks, vastly outnumbering human users and creating security blind spots that organisations are struggling to address.
This explosion of machine identities is reshaping enterprise security priorities, as threat actors increasingly target stolen credentials rather than deploying traditional malware. For many security teams, keeping track of who – or what – has access to critical systems has become nearly impossible.
According to recent research from CrowdStrike, identity-based attacks now account for 75 % of initial access attempts in enterprise breaches. As Zeki Turedi, Field CTO Europe at CrowdStrike, put it when speaking with Cyber Magazine:“ Identity is the new major battleground in cybersecurity – and visibility is critical to building a strong defence.”
CyberArk research exposes machine identity protection gaps within enterprise environments A new report from CyberArk highlights this challenge. Its 2025 Identity Security Landscape study, spanning 2,600 cybersecurity decision makers across 20 countries, found machine identities now outnumber human identities by a staggering 82-to-1 margin within enterprise environments.
75 %
of initial attack access attempts now involve identity-based methods rather than malware
Despite this imbalance, most organisations remain fixated on humancentric security models. The study found 88 % of respondents define privileged users exclusively as humans, even though 42 % of machine identities now possess privileged or sensitive access within their networks.
Clarence Hinton, Chief Strategy Officer at CyberArk, sees this
122 June 2025