Machine identity security is quickly becoming a critical aspect of modern cybersecurity strategies, and it’s more than likely that many of your customers are struggling to build a cohesive approach to protect these digital credentials, suggest findings from identity security company CyberArk. Playing a foundational role in connecting devices, applications, APIs and cloud services securely, machine identities are the unique descriptors that “identify” servers, computers, phones and other devices to enable communication and system access. And as their use continues to expand, so does the complexity of managing them effectively, warned CyberArk researchers. For starters, machine identities now outnumber human identities by an overwhelming margin. Driven by factors such as the rise of cloud native technologies and personal devices, AI and IoT, not only are there more machine identities than ever in corporate networks, but the shrinking lifespans of machine credentials in today’s fast-paced development cycles further adds to the sheer scale. “Each instance requires a unique identity to authenticate and communicate securely, adding to the already staggering growth in machine identities – particularly as organizations begin to embrace agentic AI,” researchers at CyberArk pointed out. Moving forward, 79 percent of organizations expect the number of machine identities to grow during the next year, with 63 percent projecting increases of up to 50 percent, and 16 percent anticipating more aggressive growth between 50 and 150 percent per year. The end result is more points of potential failure. Not surprisingly, malicious actors have taken notice. Cybercriminals now target machine identities as entry points for attacks, and those types of attacks are increasing in numbers, reported CyberArk. “By exploiting weaknesses in authentication systems or leveraging expired or mismanaged credentials, attackers can move laterally within networks, access sensitive data and disrupt critical operations.” Among the most concerning machine ID assets vulnerable to compromise are API keys and SSL/ TLS certificates, both reported by about a third of security administrators as having been compromised, with SSH keys, code signing certificates and mobile certificates closely behind. Also not surprisingly, this list is for the most part consistent with the list of machine identities that are perceived as difficult to secure. Already, half of organizations surveyed reported security breaches linked to compromised machine identities in the past year. And the business impact of these breaches is significant, with victims reporting delays in application launches, outages that hurt customer experience and unauthorized access to sensitive data or networks. In addition to compromises, certificaterelated outages, which prevent access to business-critical systems, are especially prevalent, with 72 percent of organizations experiencing at least one in the last year and 34 percent suffering multiple. Most organizations recognize the critical role of machine identities in securing systems and data. A full 92 percent work under a machine identity security program, and 44 percent plan to expand their use. On the other hand, the broad adoption doesn’t always equate to maturity. More than four in 10 security leaders admit their organizations lack a cohesive machine identity security strategy across environments, business units and machine identity types. o Top Machine IDs Involved in Security Incident API keys 34% SSL/TLS certificates 34% IoT certificates 29% SSH certificates 28% Service account tokens 27% Top Machine IDs Challenging to Secure API keys 36% SSL/TLS certificates 34% IoT certificates 33% SSH keys and certificates 27% Mobile certificates 26% Source: CyberArk Machine identity security a growing priority By Martin Vilaboy CYBER PATROL Rage Against Their Machines 18 CHANNELVISION | MARCH - APRIL 2025
RkJQdWJsaXNoZXIy NTg4Njc=