Press ReleaseCloud SecurityCyber SafetyIdentity & AccessThreat Detection & Defense

CyberArk Highlights Identity Security Struggles as AI Adoption Grows in Asia Pacific

69% of APAC organisations lack identity security controls for AI

Photo of CSA Editorial CSA Editorial Send an email April 29, 2025
2 minutes read

In its latest 2025 Identity Security Landscape global study, CyberArk revealed how organisations are inadvertently creating a new identity-centric attack surface through the growing use of AI and cloud. The report shows that machine identities are mostly unknown and uncontrolled within organisations, while the primary roadblocks to Agentic AI adoption involve security concerns around external manipulation and sensitive access, signposting the emergence of a new and potent identity security challenge.

2025 Identity Security Landscape Highlights – Asia Pacific (APAC)

‘Rise of the machines’ contributes to unsecured privilege sprawl: Machine identities, driven primarily by cloud and AI, now vastly outnumber human identities within organisations and close to 40% have sensitive or privileged access. However, many enterprises leave both human and machine access to critical systems under-secured.

  • In APAC, there are 82 machine identities for every human identity in organisations.
  • Human and machine identities – many of them with privileged access – are expected to double in 2025.
  • In 89% of APAC organisations, the definition of a ‘privileged user’ applies solely to human identities despite 39% of machine identities having privileged or sensitive access.
  • 82% of APAC respondents faced successful identity-centric breaches due to phishing attacks in the past 12 months.
  • The anticipated top three drivers of 2025 cybersecurity spending among APAC organisations are:
    • AI and Large Language models (LLMs) and tools adoption (59%)
    • Security operations – threat detection and response (48%)
    • Adoption of zero-trust and identity security (39%)

AI is everywhere and identity-centric agentic AI risk looms: Sanctioned and unsanctioned adoption of AI and large language models (LLMs) are simultaneously transforming organisations while amplifying cybersecurity risks. Concerns around the emergence of AI agents and their privileged access underscores the urgency for targeted identity security investment.

  • 69% of APAC organisations lack identity security controls for AI.
  • AI is expected to drive the creation of the greatest number of new identities with privileged and sensitive access in 2025.
  • 46% of APAC respondents cannot secure shadow AI usage in their organisation.
  • AI agent adoption roadblocks include manipulation and sensitive access concerns.

Complexity and identity silos are overwhelming security leaders and undermining business resilience: Fragmented identity security programs and poor environmental visibility are diminishing resilience in the face of evolving cybersecurity threats. In addition, most organisations face increased privilege-related compliance pressure.

  • 76% of APAC security professionals agree that their organisations prioritise business efficiencies over robust cybersecurity.
  • 88% of APAC organisations are under increased pressure from insurers mandating enhanced privilege controls.

“The race to embed AI into environments has inadvertently created a new set of identity security risks centred around the access of unmanaged and unsecured machine identities – and the privileged access of AI agents will represent an entirely new threat vector,” said Clarence Hinton, Chief Strategy Officer at CyberArk. “To stay resilient, CISOs and security leaders must modernise their identity security strategies to contend with a new and expanding attack surface characterised by the proliferation of identities with privileged access and made worse by damaging identity silos.”

“The explosion of machine identities – most of them with privileged access and little oversight – is creating a perfect storm of risk. With close to 70% of APAC organisations lacking controls for AI-driven identities and machine identities outnumbering humans 82 to 1, it is no longer just about securing people — it is about securing every identity. As AI becomes more embedded in business operations, organisations need to adopt a proactive, identity-first approach to building cyber resilience and maintaining trust,” said Lim Teck Wee, Area Vice President, ASEAN, CyberArk.

Tags
Photo of CSA Editorial CSA Editorial Send an email April 29, 2025
2 minutes read
Photo of CSA Editorial

CSA Editorial

Launched in Jan 2018, in partnership with Cyber Security Malaysia (an agency under MOSTI). CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, Risk professionals and C-Levels who have an obligation to understand the impact of cyber threats.

Related Articles

2025 Thales Data Threat Report

2025 Thales Data Threat Report Reveals Top GenAI-Related Security Risk

May 22, 2025
2025 Cybersecurity Readiness Index

Cisco’s 2025 Cybersecurity Readiness Index Finds Alarming Deficiencies in Security Readiness in Malaysia

May 22, 2025
2025 Jumio Online Identity Study

2025 Jumio Online Identity Study Reveals Crumbling Consumer Trust in Digital Life

May 21, 2025
Acronis TRU

Acronis TRU Reveals SideWinder’s Geofenced Malware Targeting Regional Defence, Financial Bodies

May 21, 2025

Leave a Reply

Your email address will not be published. Required fields are marked *

(c) Asia Online Publishing Group 2024 - Media and PR enquiries - editor@aopg.net