Identity cybersecurity breaches rise in Singapore amid multi-cloud, AI use: report

99% have adopted AI in defense initiatives this year, consistent with the year prior.

Two or more identity-related breaches hit 91% of Singaporean organisations in the past year, mainly due to the vast number of machine identities created following the widespread use of multi-cloud and AI, according to CyberArk.

Its 2024 Identity Security Threat Landscape Report showed machines were rated as the riskiest identity type by security professionals, as machine identities often lacked identity security controls and posed an exploitable threat.

59% defined privileged users as human-only, while only 41% defined privileged users as all human and machine identities with sensitive access. 

Organisations in the city-state foresee a 2.5% average growth for identities in the next 12 months.

“Many Singapore organisations can relate to the experience of identity-related breaches in the past year, in part due to the inadequate security controls for machine identities compared to human ones,” Vincent Goh, president and general manager of Asia Pacific and Japan at CyberArk, said. 

The report also predicted that identity-related attacks would increase in both volume and complexity as bad actors also improve their capabilities, with 93% expecting cyber risk to be created by AI-powered tools. 

Only around 70% were confident that employees could identify deepfakes of the leadership in their organisations.

Successful identity-related breaches due to a phishing or vishing attack have already affected nine out of 10 organisations in the city-state, while 89% were hit with successful ransomware attacks.

“Machine identities will continue to expand the attack surface for cyber adversaries, especially with the acceleration in AI adoption,” Goh said. “Organisations in the region need to adopt a holistic cybersecurity strategy to secure both human and machine identities to effectively defend themselves against cyber attacks.”