IT Brief Australia - Technology news for CIOs & IT decision-makers
Australia

Guides

#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things

Search

Digital illustration swarm faceless humanoid code circuit agents around businessperson computer cybersecurity threats
#
Ransomware
#
Advanced Persistent Threat Protection
#
IAM

AI-driven agents spark new identity crisis for cyber security

Wed, 19th Nov 2025
Author image
By Shannon Williams, Journalist

Organisations face an accelerating cyber risk as the number of digital identities in the workplace multiplies, with AI agents playing a key role in creating new security challenges. According to new survey data, 90% of global business leaders now see identity attacks as their primary cybersecurity concern, as the adoption of agent-based AI technologies increases the presence of non-human identities (NHIs) within enterprise systems.

Identity overload

Enterprises are experiencing rapid growth in digital identities resulting from the deployment of AI-driven agents and service accounts. The survey shows that NHIs now outnumber human users by 82 to 1. This proliferation has expanded the potential attack surface for cybercriminals, complicating the work of IT and security teams trying to defend critical infrastructure.

As a consequence, 89% of organisations intend to recruit staff in the next year who are focused on identity management and security. The demand reflects a growing need for specialist skills to cope with the increasing complexity of managing identity infrastructure and access controls for both humans and machines.

Adoption of AI agents

AI agents have become entrenched in enterprise IT environments. According to the research, 89% of respondents reported that they have integrated AI agents into their identity systems, with an additional 10% planning to do so. This means that by next year, virtually all large organisations expect to have some form of AI agents as part of their operational landscape.

IT and security decision-makers predict that agentic AI will play a significant role in driving future cyberattacks. The survey found that 58% of these respondents believe half or more of the attacks encountered in the next year will originate from or involve AI-driven agents, highlighting a shift in the cyber threat landscape.

Rising focus on identity management

Rapid changes are underway in the approach to Identity and Access Management (IAM) solutions. The data indicates that 87% of organisations are either considering or already changing their IAM providers, with 58% citing security concerns as the main factor motivating these moves.

This shift is driven by the recognition that existing IAM tools may not sufficiently address the risks posed by an increasing number of NHIs and the evolving tactics of cyber attackers, who are often securing access by exploiting compromised credentials rather than technical vulnerabilities.

"I could have unlimited amounts of technology in place. But if someone socially engineers our support desk to hand over admin passwords, that's the end of the game. That's why identity resilience is key," said Andrew Albrech, Chief Information Security Officer, Dominos.

Weakening recovery confidence

Confidence in recovering quickly from a cyberattack is falling among business leaders. The proportion of respondents who believe they could restore full operations within 12 hours of an incident declined to 28%, compared to 43% in the previous year. The majority - 58% - now expect recovery to take at least two days in the event of an identity compromise or breach.

Ransomware remains an entrenched threat. Of those companies impacted by ransomware in the last year, 89% paid a ransom, either to recover their data or to halt an ongoing attack. This trend underlines concerns about the resilience of current identity systems and the high stakes involved in digital security failures.

Call for resilience

As attackers increasingly exploit identity-based vulnerabilities, experts in the sector stress the importance of a comprehensive and resilient approach to identity security.

"The rise of identity-driven attacks is changing the face of cyber defence. Managing identities in the era of AI has become a complex endeavour, especially with the labyrinth of NHIs. We have an under-the-radar crisis on our hands where a single compromised credential can grant full access to an organisation's most sensitive data. Attackers are no longer breaking in, but logging in, and comprehensive Identity Resilience is absolutely critical to cyber recovery in this new landscape," said Kavitha Mariappan, Chief Transformation Officer, Rubrik.
Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Riverbed unveils AI tool to automate workplace IT support
HCLTech assembles tech leaders to reshape ANZ digital
Atturra, Comtrac partner on AI-driven investigation tools
AI surge keeps Gigamon atop fast-growing observability
Music tech predictions for 2026: Insights from Tuned Global

Top stories

Continental appoints Rohit Markan to lead APAC growth
Rockwell Automation earns Asia Pacific workplace honour
AI shifts cybersecurity priorities amid rising threats
Telstra expands satellite messaging to remote workers
PEXA boosts property exchange resilience with AWS tech