;
Man with hoody hacking system

SINGAPORE: According to CyberArk, the increase in identity cybersecurity breaches in Singapore is mainly due to the widespread use of multi-cloud and artificial intelligence (AI), which creates many machine identities.

Singapore Business Review reported that the 2024 Identity Security Threat Landscape Report revealed a staggering 91% of Singaporean organisations experienced two or more identity-related breaches over the past year.

The report points to the surge in machine identities, a byproduct of the increased adoption of multi-cloud and AI technologies, as a major contributing factor to these breaches.

Security experts singled out machines as the riskiest type of identity due to their lack of robust security controls, making them vulnerable to exploitation.

Interestingly, there’s a discrepancy in how organisations define privileged users within organisations.

While 59% strictly consider privileged users to be humans, only 41% extend this definition to include both human and machine identities with sensitive access.

Looking ahead, organisations in Singapore anticipate a 2.5% average growth in identities over the next year.

See also  Banks 'remain responsible' for security measures to prevent phishing scams, says cybersecurity specialist

Mr Vincent Goh, President and General Manager of Asia Pacific and Japan at CyberArk, acknowledged the prevalence of identity-related breaches and partly attributed them to inadequate security measures for machine identities.

He noted, “Many Singapore organisations can relate to the experience of identity-related breaches in the past year, in part due to the inadequate security controls for machine identities compared to human ones.”

The report also predicts a rise in the volume and complexity of identity-related attacks as cybercriminals enhance their capabilities. An overwhelming 93% of respondents expressed concerns about cyber risks posed by AI-powered tools.

Additionally, only about 70% of organisations are confident in their employees’ ability to spot deepfake content of their leadership.

Phishing or vishing attacks have proven particularly successful in breaching identities, affecting nine out of 10 organisations in Singapore. Similarly, 89% of organisations reported successful ransomware attacks.

Mr Goh highlighted the role of machine identities in expanding the attack surface for cyber adversaries, especially with the increasing adoption of AI.

See also  Tan Kin Lian posts NRIC number and personal data on Facebook, gets into more trouble than he bargained for

He stressed, “Organisations in the region need to adopt a holistic cybersecurity strategy to secure both human and machine identities to effectively defend themselves against cyber attacks.” /TISG

Read also: Malware: How scammers control your phone and steal your money

Featured image by Depositphotos