Delinea, which provides centralized authorization technology, released its inaugural Cybersecurity and the AI Threat Landscape report. This document is based on exclusive Delinea research, as well as analysis of third-party studies and cyber incidents, and revealed a number of critical insights into the evolving threat landscape. With AI reshaping attack and defense strategies, the findings underscore the need for organizations to adapt security measures to counter AI-driven threats.
In particular, it uncovered growth in attacks targeting non-human identities (NHIs) such as service accounts, APIs and machine identities. Delinea’s research reveals that for every human identity, there are 46 NHIs, a number expected to exceed 45 billion (2025). Over 70 percent of NHIs are not rotated within recommended timeframes; the average cycle is 627 days. Additionally, 97 percent of organizations expose their NHIs to third-party vendors, increasing unauthorized access risk.
“One of the biggest challenges identified in the report is the increasing targeting of non-human identities,” said Delinea SVP, product management, Jon Kuhn. “For organizations, this shift means they are facing a massive and often ignored security gap. With the number of these machine identities expected to grow exponentially in the coming years as enterprises continue to rapidly adopt AI, the lack of proper credential management and the exposure of these identities to third parties creates serious vulnerabilities that cyber attackers can exploit to gain unauthorized access to critical systems and data.”
Five ransomware groups — RansomHub, LockBit, Play, Akira and Hunters — were responsible for over 36 percent of all ransomware incidents (2024), totaling over 5,700 attacks. Looking ahead, the report anticipates a surge in AI-driven phishing attacks, with cybercriminals using AI to craft increasingly convincing phishing emails, making it harder to distinguish legitimate communications from malicious ones.
“The rise in ransomware sophistication and the increasing prevalence of AI-driven attacks are undeniable trends in today’s cybersecurity landscape,” said Gal Diskin, VP of threat and research with Delinea. “Our research reveals that cybercriminals are increasingly using AI and powerful ransomware-as-a-service (RaaS) tools to launch more targeted and scalable attacks, particularly around phishing and machine identities. To stay ahead, organizations must adapt their security strategies, focusing not just on advanced threat detection, but also foundational security controls and strengthening multi-factor authentication (MFA) to combat the growing threat of credential phishing.”
