Security Leaders Say Machine Identities – Such as Access Tokens and Service Accounts – Are Next Big Target for Cyberattack

New Venafi Research Reveals 86% of Organizations Had a Cloud Native-Related Security Incident in the Last Year – Leading to Costly Delays, Outages and Data Breaches

Venafi, a CyberArk (NASDAQ: CYBR) company, today announced the findings of its latest research report: The Impact of Machine Identities on the State of Cloud Native Security in 2024. Surveying 800 security and IT decision-makers from large organizations across the U.S., U.K., France and Germany, this second annual report examines the top machine identity security trends and challenges impacting the state of cloud native security today.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20241216555147/en/

Infographic: The Impact of Machine Identities on the State of Cloud Native Security in 2024 (Graphic: Business Wire)

This year's findings reveal attackers are compromising cloud native environments with alarming regularity. 86% of organizations had a security incident related to their cloud native environment within the last year. As a result, 53% of organizations had to delay an application launch or slow down production time; 45% suffered outages or disruption to their application service; and 30% said attackers could gain unauthorized access to data, networks and systems.

Other key findings include:

• Service accounts are the next threat frontier: 88% of security leaders believe machine identities – specifically access tokens and their connected service accounts – are the next big target for attackers. Over half (56%) have experienced a security incident related to machine identities using service accounts in the last year.

• Supply chain attacks tipped to get an AI makeover: 77% of security leaders think AI poisoning will be the new software supply chain attack. A further 84% believe supply chain attacks remain a clear and present danger. However, a worrying 61% say senior management has taken its focus off supply chain security in the last year.

• Security and developer teams continue to clash: 68% of security leaders believe security professionals and developers will always be at odds, with 54% feeling they are fighting a losing battle trying to get developers to have a security-first mindset.

"The sleeping dragon is now awake: attackers are now actively exploring cloud native infrastructure," said Kevin Bocek, Chief Innovation Officer at Venafi, a CyberArk Company. "A massive wave of cyberattacks has now hit cloud native infrastructure, impacting most modern application environments. To make matters worse, cybercriminals are deploying AI in various ways to gain unauthorized access and exploiting machine identities using service accounts on a growing scale. The volume, variety and velocity of machine identities are becoming an attacker's dream."

AI threats loom large on the horizon

Respondents also reported the risk of cloud native security coming under increasing pressure as attackers target these environments to compromise AI models and applications:

• 77% are concerned about AI poisoning, whereby AI data inputs/outputs are manipulated for malicious purposes.
• 75% are worried about model theft.
• 73% are concerned about the use of AI-led social engineering.
• A further 72% are worried about provenance in the AI supply chain.

"There is huge potential for AI to transform our world positively, but it needs to be protected," Bocek continues. "Whether it's an attacker sneaking in and corrupting or even stealing a model, a cybercriminal impersonating an AI to gain unauthorized access, or some new form of attack we have not even thought of, security teams need to be on the front foot. This is why a kill switch for AI – based on the unique identity of individual models being trained, deployed and run – is more critical than ever."

Machine identity security complexity is growing

The research also provided insights into which areas in cloud native infrastructure organizations have experienced security incidents. Machine identities like access tokens used with service accounts topped the list with 56%, but almost as many (53%) experienced incidents related to other machine identities, such as certificates.

Part of the reason these incidents occur with such regularity is the growing complexity of cloud native environments. This creates new challenges for security teams around managing and securing the machine identities that underpin access and authentication in cloud native environments:

• 74% of security leaders agree that humans are the weakest link in machine identity security. 83% of teams recognize that failing to secure machine identities at the workload level renders all other security obsolete.

• 69% say that delivering secure access between their cloud native and data center environments is a "nightmare to manage," while 89% are experiencing challenges around managing and securing secrets at scale.

• 83% think having multiple service accounts also creates a lot of added complexity, but most (91%) agree that service accounts make it easier to ensure that policies are uniformly defined and enforced across cloud native environments.

Bocek concludes: "Attackers are increasingly zoning in on machine identities in cloud native technologies. Security teams must prioritize machine identity security to the same degree as human identities. The great news is that secrets management, certificate lifecycle management (CLM) and cloud native security are available today. An automated, end-to-end machine identity security program means businesses can enhance their cloud native security, ensuring operational stability and business growth."

To read the full report, please visit https://venafi.com/lp/cloud-native-security-report-2024/.

Additional Resources:

• Infographic
• Blog post

About Venafi, a CyberArk Company

Venafi, a CyberArk company, offers the most comprehensive solutions to address critical challenges in PKI, certificate management and workload identity management. Through centralized visibility and automation, Venafi helps customers monitor and secure any machine identity, anywhere, across extended enterprise networks. As an innovative leader, Venafi solves today's greatest machine identity challenges while anticipating those of tomorrow.

By combining Venafi's best-in-class machine identity management with CyberArk's leading identity security capabilities, these two category creators together establish the world's first platform for end-to-end machine identity security at enterprise scale. To learn more about CyberArk's acquisition of Venafi, read the press release.

For more information about Venafi, visit https://venafi.com/.

About CyberArk

CyberArk (NASDAQ: CYBR) is the global leader in identity security. Centered on intelligent privilege controls, CyberArk provides the most comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud environments and throughout the DevOps lifecycle. The world's leading organizations trust CyberArk to help secure their most critical assets. To learn more about CyberArk, visit https://www.cyberark.com, read the CyberArk blogs or follow on LinkedIn, X, Facebook or YouTube.

View source version on businesswire.com: https://www.businesswire.com/news/home/20241216555147/en/