Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
AI agent executes end-to-end ransomware attack via development platfor...
ICAC Commissioner attends first IAACA European regional anti-corruptio...
Research: Asian enterprises advancing AI without resilience strategies...
Penta Security Sets the Benchmark for Web Application Security, Earnin...
India bank domain registry exposed sensitive data in security lapse: e...
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      S E Asia governments targeted by cyber-espionage group

      S E Asia governments targeted by cyber-espionage group

      Tuesday, June 23, 2026, 8:00 AM Asia/Singapore | Features
    • Featured

      Rethinking network and infrastructure design for resilience

      Rethinking network and infrastructure design for resilience

      Thursday, June 18, 2026, 2:17 PM Asia/Singapore | Features
    • Featured

      Bringing cybercriminals to justice in APAC

      Bringing cybercriminals to justice in APAC

      Thursday, June 11, 2026, 10:30 AM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • AWARDS 2026
  • Directory
  • E-Learning

Select Page

FeaturesIoT Security

The rising threats and business risks of machine identities

By Victor Ng | Tuesday, July 22, 2025, 12:19 PM Asia/Singapore

The rising threats and business risks of machine identities

AI-driven automation is accelerating the proliferation of machine identities, exposing them to costly outages and security risks, while organizations are struggling to keep up.

Machine identities – digital entities used to identify, authenticate, and authorise machines, devices, and infrastructure – represent a broad category that includes any digital identity not associated with or operated by a human.

Machine identity is similar to human identity in many ways. For humans, we need to authenticate to systems by identifying ourselves using personally identifiable things such as our name, national identity number or passport. For machines, if they want to communicate with one another, they need to identify who they are through certificates or shared secrets to authenticate to other systems.

However, with AI-driven automation accelerating the proliferation of machine identities, organizations are struggling to keep up with preventing costly outages and security risks. CyberArk’s 2025 State of Machine Identity Security Report revealed a sharp rise in security incidents linked to compromised machine identities.

As organizations work to prepare for shorter certificate lifespans, authenticate cloud native workloads, safeguard AI models and ready themselves for quantum computing, they recognize that machine identity security must be a cornerstone of their enterprise security strategy.

CybersecAsia discussed some of the key findings from the 2025 State of Machine Identity Security Report with Lim Teck Wee, Area Vice President, ASEAN, CyberArk.

What are the key challenges organizations face in managing machine identities?

Lim: While 94% of APAC security leaders report some form of machine identity security program in the CyberArk 2025 State of Machine Identity Security Report, many of these programs lack maturity.

Another challenge which organizations face is in terms of how they can adapt to the shorter life-cycle of machine identity. At the same time, the attackers are still not stopping, and they are still continuing to look for ways to steal the identities and data of organizations and disrupt their businesses. All these are areas where machine identities become very front and center in terms of the priorities of organizations that they need to secure.

How different is machine identity from human identity? What do organizations need to take note of to protect machine identities as compared to traditional identity-based threats?

Lim: In machine identity attacks, attackers could manipulate keys or exploit stolen certificates to impersonate legitimate machines, evade authentication protocols, and gain unauthorized entry to sensitive resources.

Unlike human identities, machine identities cannot utilize authentication capabilities such as multi-factor authentication (MFA) using biometrics, a memorized password or an identity card or mobile phone.

Machine identities pose different security challenges, and instead use digital certificates, SSH keys, IP addresses, and other unique characteristics associated with the workload or container, together with secrets or other credentials to provide authentication. Thus, it is crucial that organizations automate the issuance, rotation, and revocation of machine identities to improve the visibility and scale of their management capabilities.

This sheer scale is driven by several factors, including the rise of artificial intelligence (AI), cloud-native technologies, as well as the shrinking lifespans of machine credentials in today’s fast-paced development cycles.

As organizations adopt more AI technologies, there are more systems being developed and, therefore, more machine communications. This results in the proliferation of machine identities. We have seen an increasing number of attacks as well.

CyberArk’s 2025 State of Machine Identity Security Report shows that 78% of the APAC security leaders reported incidents of breaches linked to compromised machine identities in the last year. This has led to delays in application launches (51%), unauthorized access to sensitive data or networks (51%) as well as outages impacting customer experience (37%).

85% of Asia Pacific security leaders anticipate the number of machine identities in their organizations to increase by as much as 150% over the next year. Why is this growth happening so rapidly, and what are the security implications?

Lim: Machine identities now outnumber human identities by an overwhelming margin. According to CyberArk’s 2025 Identity Security Landscape report, there are 82 machine identities for every human identity in APAC organizations.

This sheer scale is driven by several factors, including the rise of artificial intelligence (AI), cloud-native technologies, as well as the shrinking lifespans of machine credentials in today’s fast-paced development cycles.

As organizations adopt more AI technologies, there are more systems being developed and, therefore, more machine communications. This results in the proliferation of machine identities. We have seen an increasing number of attacks as well.

CyberArk’s 2025 State of Machine Identity Security Report shows that 78% of the APAC security leaders reported incidents of breaches linked to compromised machine identities in the last year. This has led to delays in application launches (51%), unauthorized access to sensitive data or networks (51%) as well as outages impacting customer experience (37%).

How can businesses build a mature, end-to-end machine identity security strategy to mitigate the risks?

Lim: Companies are looking at a programmatic approach in terms of machine identity security. Having visibility is key to ensuring organizations understand and know where all the machine identities are in their organization. In addition, organizations need to start thinking about emerging threats such as quantum computing given the advancement of technology.

Some of the best practices we have seen are implementing least privilege and regular audits. Organizations need to secure the credentials or the passwords that need to be rotated from time to time in a more regular fashion, much like the way we manage our passwords.

As the number of machine identities continues to grow and outnumber human identities, this will become a crucial part of organizations’ core strategy to secure their identities.

Share:

PreviousHow are large operational technology organizations worldwide increasing cyber oversight?
NextCyber experts warn of privacy and security risks as AI gains default access to messaging apps

Related Posts

Today’s CISO – a thankless role?

Today’s CISO – a thankless role?

Tuesday, August 23, 2022

Growing concerns over sophisticated cyber-scams in APAC

Growing concerns over sophisticated cyber-scams in APAC

Tuesday, March 18, 2025

Asia Pacific’s unique cyberthreats

Asia Pacific’s unique cyberthreats

Monday, June 8, 2026

Delayed National Cybersecurity Strategy puts Bhutan at risk

Delayed National Cybersecurity Strategy puts Bhutan at risk

Friday, June 18, 2021

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
previous arrow
next arrow

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Cyber threats have become more frequent and sophisticated, targeting organizations of all sizes across all …Download Whitepaper
  • Zero Trust Made Simple: Why it matters and how to get started

    Zero Trust Made Simple: Why it matters and how to get started

    Data breaches and cyberattacks are no longer limited to large, high-profile organizations.Download Whitepaper
  • Cloud Secure Edge: Remote access, better security

    Cloud Secure Edge: Remote access, better security

    ​SonicWall Cloud Secure Edge™ is a modern, cloud-native Security Service Edge (SSE) solution that addresses …Download Whitepaper
  • Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • How a Vietnamese D2C retailer built its own secure digital infrastructure

    How a Vietnamese D2C retailer built its own secure digital infrastructure

    Would your organization build your own digital infrastructure – including AI governance and cybersecurity – …Read more
  • Cyber protection for medical clinics in Singapore

    Cyber protection for medical clinics in Singapore

    As Singapore’s healthcare sector becomes increasingly digital and interconnected, clinics are facing heightened cyber risks, …Read more
  • India’s WazirX strengthens governance and digital asset security

    India’s WazirX strengthens governance and digital asset security

    Revamping its custody infrastructure using multi‑party computation tools has improved operational resilience and institutional‑grade safeguardsRead more
  • Bangladesh LGED modernizes communication while addressing data security concerns

    Bangladesh LGED modernizes communication while addressing data security concerns

    To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more

Bottom sidebar

Other News

  • ICAC Commissioner attends first IAACA European regional anti-corruption conference in Hungary

    Friday, July 3, 2026
    BUDAPEST, Hungary, July 2, 2026 …Read More »
  • Penta Security Sets the Benchmark for Web Application Security, Earning Frost & Sullivan’s 2026 South Korea Company of the Year Recognition

    Thursday, July 2, 2026
    By combining intelligent threat detection, …Read More »
  • SK shieldus Receives Frost & Sullivan’s 2026 APAC Customer Value Leadership Recognition for Excellence in Cybersecurity Services

    Monday, June 29, 2026
    The company is recognized for …Read More »
  • Global Tech Shift: Tune Talk Launches World’s First Network-Enforced Child Safety Mobile Plan, Bypassing App-Level Limitations

    Saturday, June 27, 2026
    PETALING JAYA, Malaysia, June 26, …Read More »
  • DJI Enterprise Advances Industry with New Framework for Dock as First Responder (DFR) Deployments

    Thursday, June 25, 2026
    New White Paper Outlines Best …Read More »
  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2026 CybersecAsia All Rights Reserved.