IT Brief Australia - Technology news for CIOs & IT decision-makers

CyberArk report reveals rise in machine identity breaches

Today

CyberArk has released its 2025 State of Machine Identity Security Report, highlighting an increase in security incidents linked to the rapid growth of machine identities.

The report indicates that despite a high level of awareness among Australian organisations regarding machine identity security, many programs remain underdeveloped, with the country falling 13% below the global average in terms of having dedicated programs. Nearly half of Australian security leaders reported incidents or breaches due to compromised machine identities.

The analysis found that 69% of Australian organisations experienced at least one certificate-related outage in the past year. Moreover, almost half faced significant business impact due to expired TLS certificates.

Thomas Fikentscher, Area Vice President for ANZ at CyberArk, emphasised the need for a unified strategy: "As Australian organisations accelerate digitalisation, automation and AI adoption, the growth and complexity of machine identities make securing them critical. Expired certificates and compromised machine identities are not just technical issues—they have real business impact, from application downtime to unauthorised access. To address these challenges, organisations must move beyond fragmented approaches and establish a unified machine identity security strategy in order to get full transparency and be able to effectively mitigate risks."

Key findings from the report revealed that 69% of respondents experienced certificate-related outages within the past year, with 63% encountering them monthly and 33% weekly. Additionally, 41% reported incidents or breaches linked to compromised machine identities, a figure that is 12% above the global average.

The report also shows that the number of machine identities is rapidly outstripping human identities. Australian security leaders predict significant growth in the number of machine identities: 81% foresee an increase in their organisations, 73% anticipate growth rates of up to 50%, and 6% expect more than a 50% increase.

According to the report, 76% of security leaders view machine identity security as crucial for securing the future of AI. Seventy-seven percent highlight the importance of safeguarding AI models from manipulation and theft, which necessitates greater emphasis on machine identity authentication and authorisation.

However, the maturity of machine identity security programs remains a concern. While 89% possess some form of security program, many lack a holistic approach, with 39% citing the absence of a coherent strategy as a major issue. Service disruptions due to expired certificates and challenges in revoking compromised identities also pose significant hurdles for 39% and 37% of respondents respectively.

The report suggests that a siloed approach exacerbates risks and inefficiencies within organisations. Responsibilities for preventing machine identity-related compromises are often divided among security (54%), development (24%), and platform (12%) teams.

Kurt Sand, GM of Machine Identity Security at CyberArk, commented on the findings: "Machine identities of all kinds will continue to skyrocket over the next year, bringing not only greater complexity but also increased risks. Cybercriminals are increasingly targeting machine identities – from API keys to code signing certificates – to exploit vulnerabilities, compromise systems and disrupt critical infrastructure, leaving even the most advanced businesses dangerously exposed. This research highlights the urgency for security leaders to establish a comprehensive, end-to-end machine identity security strategy that tackles the non-human identities that matter most to prevent potential attacks and outages—especially as AI agents continue to rise and the quantum attack timeline shortens."
