Machine identities outnumber humans 40,000 to one
Are you ready to welcome our new machine overlords? Okay, that might be a bit drastic, but the latest report from Sysdig reveals that there are now 40,000x more machine identities than human identities.
This has led to a greatly expanded attack surface as machine IDs are 7.5 times more risky, a dangerous liability given that nearly 40 percent of breaches start with credential exploitation.
Fortunately, there are some positive findings too. The report shows that workloads using AI and machine learning (ML) packages grew by 500 percent over the last year, with the percentage of generative AI packages in use more than doubling. Despite this rapid adoption, public exposure decreased by 38 percent, signaling a strong commitment to secure AI implementation.
Mature security teams are detecting threats in under five seconds and initiating response actions within 3.5 minutes on average -- outpacing the 10 minute cloud attack window that has historically given adversaries the upper hand.
In-use vulnerabilities have also declined to less than six percent, reflecting a 64 percent improvement in vulnerability management over the past two years. This shift shows that organizations are refining their approach to fixing what matters most -- vulnerabilities actively running in production workloads -- and more effectively strengthening their overall security posture.
Organizations across the world are using open source tools, such as Kubernetes, Prometheus, and Falco -- which is used by more than 60 percent of the Fortune 500 -- to defend their cloud infrastructure, evidence of quickly growing trust in open source security standards.
"Cybersecurity has long been an arms race between threat actors and defenders, but the battlefield is evolving," says Crystal Morin, Sysdig cybersecurity strategist. "Organizations have made tremendous progress, and the fact that mature security teams can now respond to threats within minutes is a game-changer. But with machine identities multiplying and cloud environments evolving in real time, automation and rapid response have never been more mission-critical. The data in this report makes me optimistic about the future of cyber defense."
You can read more and get the full report on the Sysdig blog.
Image credit: DenisSmile/depositphotos.com