.jpg?1742225149)
kate.sade via Unsplash
67% of organizations experience a certificate-related outage monthly
A recent report by CyberArk revealed that 72% of organizations have experienced at least one certificate-related outage in the past year, marking a significant increase compared to previous years. Additionally, 50% of security leaders reported security incidents or breaches due to compromised machine identities.
Nearly three-quarters (72%) of respondents have suffered at least one certificate-related outage in the past year, with 67% experiencing outages monthly and 45% weekly. This marks a substantial jump from 2022, when 26% reported outages monthly and only 12% weekly.
Half (50%) of security leaders reported security incidents or breaches linked to compromised machine identities in the last year, which led to delays in application launches (51%), outages impacting customer experience (44%) and unauthorized access to sensitive data or networks (43%).
Machine identities outnumber human identities by an overwhelming margin and continue to grow quickly. Seventy-nine percent of security leaders anticipate the number of machine identities in their organization to increase, by as much as 150% over the next year.
As AI systems become a growing target for cyberattacks, 81% of security leaders believe machine identity security will play a vital role in securing the future of AI. Seventy-nine percent say securing AI models from manipulation and theft means putting greater emphasis on the need for machine identity authentication and authorization.
While 92% of security leaders report some form of machine identity security program, many of these programs lack maturity. Respondents reveal the lack of a cohesive machine identity security strategy as their biggest concern (42%), followed by challenges adapting to shorter machine identity lifecycles (37%) and the possibility of adversaries exploiting stolen machine identities (37%).
Where multiple tools to secure machine identities exist within organizations, inefficiencies, risk and management challenges are created. For example, responsibilities for preventing machine identity-related compromises were found to be split among security (53%), development (28%) and platform (14%) teams.
