Attacks related to non-human identities increase

New data shows that one in five organizations has experienced a security incident related to non-human identities (NHIs), and only 15 percent remain confident in their ability to secure them.

A report from the Cloud Security Alliance (CSA) and Astrix Security reveals a growing recognition of the importance of investing in NHI security, with a quarter of organizations already investing in these capabilities and an additional 60 percent planning to do so within the next twelve months.

"NHIs -- like bots, API keys, service accounts, OAuth tokens, and secrets -- are all lifelines of today’s organizations, enabling automation, efficiency, and innovation," says John Yeoh, global VP of research at CSA. "And while organizations recognize the importance of securing NHIs and often deploy a mix of tools like Identity Access Management systems, these tools are not specifically tailored to the unique challenges that NHIs present. The mismatch is evident in recent attacks on major brands like AWS, Okta, Cloudflare, and Microsoft, where despite having security measures in place, hackers still managed to infiltrate. This joint survey only underscores this vast issue, highlighting that NHIs cannot be treated the same as human identities."

Only 1.5 out of 10 organizations are highly confident in their ability to secure NHIs, compared to nearly one in four when it comes to securing human identities. This lack of confidence in securing NHIs versus human identities could be due to the sheer volume of NHIs in their environment, which often outnumber human identities by a factor of 20 to one.

Part of the problem is that the security tools in use are not specifically designed to address NHI security challenges. For instance, 58 percent use identity and access management (IAM) systems; 54 percent use privileged access management (PAM); 40 percent use API security measures; 38 percent employ zero trust/least privilege strategies; and 36 percent use secrets management tools. As a result, the three most common causes of NHI security incidents are lack of credential rotation (45 percent), inadequate monitoring and logging (37 percent), and over-privileged accounts or identities (37 percent).

"As organizations increasingly acknowledge the critical need for robust NHI security, the surge in investments reflects a proactive stance toward protecting our digital infrastructures," says Alon Jackson, CEO and co-founder at Astrix Security. "The key now is ensuring these investments are channeled into the right tools, especially as vulnerabilities persist. NHIs present unique challenges distinct from human identities, making their security complex and demanding. Addressing NHI security requires ongoing refinement, adaptable strategies, and a unified effort to tackle the ever-evolving threats head-on."

You can read more and get the full report on the Astrix blog.
