The pandemic years saw organisational digital initiatives drive hundreds of thousands of new human and non-human identities per firm, with cybersecurity investments to secure these initiatives often not keeping pace.
According to new research from CyberArk, the resulting ‘cyber debt’ from this lag is set to compound in 2023.
CyberArk 2023 Identity Security Threat Landscape Report
The CyberArk 2023 Identity Security Threat Landscape Report found that every UK organisation asked (100%) anticipates they will experience an identity-related security compromise in 2023, with a majority (61%) saying this will happen as a result of a digital transformation initiative such as cloud adoption or legacy app migration.
Alongside this, 61% expect employee churn to drive cyber issues in 2023. It’s a particularly concerning find given investment in digital and cloud initiatives is still ongoing as business leaders seek to unlock greater efficiencies. UK firms expect human and machine identities – many with sensitive access - to grow 3.4x in 2023.
Generative AI - pros and cons
UK cybersecurity teams also report embracing AI at scale, with 88% adopting it
Organisations believe macro issues, such as the global economic squeeze, elevated levels of staff turnover, and an uncertain political environment are also likely to lead to identity-centric compromise.
Against a backdrop of the growing popularity and fast adoption of generative AI, the research also revealed that 87% of UK security professionals expect AI-enabled threats to affect their organisation in 2023, with AI-powered malware cited as the number one concern. UK cybersecurity teams also report embracing AI at scale, with 88% adopting it, for example, to address the cyber skills gap, or for breach detection.
Cloud and digital initiatives
“Despite firms having to tighten their belts, cutting costs through reduced staffing and budgets the drive within organisations to enhance business efficiencies through the cloud and digital initiatives remains strong."
"New environments create new identities to secure and, consequently, compromising identities will remain the most efficient method for attackers to evade cyber defences and gain access to critical data and assets,” said Rich Turner, senior vice president, of EMEA at CyberArk.
Addressing cloud and digital initiatives
“The identity-centric attack surface is a priority to secure. To be best positioned to weather the current storm, firms should follow a risk-based strategy to secure critical assets."
"The stakes are high and, in this environment, we now increasingly see organisations initiate programmes to consolidate operations on a smaller set of trusted partners and solutions to build resilience.”
- Network / IP
- Digital video surveillance
- Industrial security
- Commercial security
- Security management
- Security policy
- Security tagging
- Security monitoring system
- Network monitoring
- Video analytics
- Remote video monitoring
- Identity management
- Industrial security systems
- Security software
- Security service
- Industrial surveillance
- Human identification system
- Visitor management systems
- Integration software
- Cyber security
- Video Management System
- Corporate Security
- Central Monitoring
- Data Security
- Network Video Recorders
- Digital Video Recorders
- Incident Management
- Cloud security
- Artificial intelligence (AI)
- Smart home
- COVID-19
- Mergers & Acquisitions
- Smart Cities
