Identity security report highlights AI's growing role

Yesterday

A new report by Delinea indicates that nearly half of all security leaders cite securing credentials, secrets, and privileged accounts as a primary concern for the upcoming year.

The 2025 Identity Security Report exposes a notable increase in identity-related threats, a growing attention on non-human and machine identity security, and highlights the impact of artificial intelligence (AI). It also stresses the limitations of existing technologies in countering current threats. A shift in focus from authentication alone to encompassing authorisation and identification in managing data access is also outlined in the report.

Authored after surveying 300 technology and security leaders, Delinea's report titled "Why CISOs Must Prioritize a Strong Identity Security Strategy – and Where to Start," identifies the primary challenge for organisations as being the detection and response to identity threats amid escalating identity-focused vulnerabilities and threats like ransomware.

Art Gilliland, Chief Executive Officer of Delinea, stated, "Strong identity management has become foundational to an organisation's overall security posture. As businesses adapt to an increasingly complex digital landscape driven by cloud technologies, hybrid work models, and sophisticated cyber threats, legacy solutions will be exposed. Those who fail to evolve and implement modern identity security strategies risk falling victim to the next wave of cyberattacks, which are more frequently targeting vulnerable credentials."

Key revelations from the report show that a quarter of organisations are allocating over 30% of their IT budgets to Identity and Access Management (IAM), and more than half are dedicating 20% or more. Additionally, 78% are planning to increase spending on identity security in 2025.

As IAM strategies evolve, multifactor authentication (MFA) remains a priority for 51% of organisations, but there is also a significant focus on Cloud Infrastructure Entitlements Management (CIEM) and Identity Governance and Administration (IGA), each prioritised by 49% of respondents. Identity Threat Detection and Response (ITDR) and Privileged Access Management (PAM) follow closely at 46% and 43% respectively.

Challenges arise from the complexities within existing infrastructures, cited by a third of respondents as a major barrier to effective identity management. Issues such as resistance from users, siloed identity technologies, a lack of integration, and outdated legacy systems exacerbating these complexities were also noted, with 88% considering consolidating their IAM vendors within the year.

The study identifies the top five IAM priorities: detection and response to identity threats, the securing of credentials, secrets, and privileged accounts, cloud-based management of identities and entitlements, full visibility over all identities and access levels, and mitigating risks associated with remote work and third-party interactions.

Looking towards future advancements, the report highlights AI's potential role in transforming identity security. A striking 94% of surveyed organisations plan to adopt AI-driven identity technologies, with 55% having started this process. AI is anticipated to automate identity governance, improve threat detection, and secure machine-to-machine identities, noted as a priority for 28% next year.

Share on: