Don’t Be Misled: Why Identity Security Is Still Key

Author: Tara Ryan, CMO

Date: 05/05/2025

One of the most highly anticipated annual cybersecurity reports, Verizon's Data Breach Investigations Report, came out just last week. As you might imagine, among the pithy and entertaining commentary, the report was full of insights from the team's analysis of over 22,000 security incidents and breaches — the highest number ever analyzed in a single report.

The report's results confirmed our suspicions about cybersecurity in today's enterprises (including identity security, specifically), the main threat actors and attack vectors and, of course, how generative AI is changing everything. 

Identity security is (still) foundational 

At first glance, the report’s flashy incident method graph may lead you to think that a privilege abuse attribution of just 6% means other, more sensational methods have finally overtaken humans as the weakest link in organizations' security. This belief, albeit mistaken, is bolstered by system intrusion (i.e., malware, hacking, vulnerability exploitation) jumping a whopping 17% to over half (53%) of this year's analyzed incidents.

But what's important to understand is that identity is where an organization's security efforts must begin. The proliferation in the number and type of identities has only increased, complicating enterprise security and bringing the need for identity security to the forefront. 

Consider the report’s system intrusion category. It includes methods such as phishing and unauthorized credential use — both of which refer specifically to identity security. Additionally, of the recorded web application attacks (12% of total incidents this year), 88% were through stolen credentials. 

Meanwhile, Verizon's definition of privilege misuse only includes situations where the credentials were used deliberately and either without authorization or maliciously.

Identities' involvement in each of Verizon's incident method categories exemplifies the need for organizations' identity security efforts to be foundational in their environments. This is why a converged, comprehensive identity security platform is the best option for modern, complex enterprises. It can help secure all identities — internal, external, human, non-human, etc. — and their access across all applications, both on-premises and in the cloud, so organizations can be better prepared for what comes next.



Most data breaches are still identity-related 

By digging under the report’s surface, you quickly realize that identity is still a key factor in why security incidents and breaches occur. Verizon even mentions that "all breaches involve humans to some degree," but it did not count humans as the reason when they weren't the gating factor.

Regardless, 60% of breaches involved a human element, with credential abuse remaining the top initial access vector, at 32% of incidents. Verizon stressed that organizations must not discount credential abuse as a major concern. 

Perhaps the most surprising outcome of this year's report was the dramatic increase in incidents involving a third party: 2025 saw twice as many as last year. Thirty percent of human-related breaches involved a third party. 

Even though several high-profile breaches have occurred because of them, properly securing external identities has been an unsolved problem for many organizations for quite some time. Verizon itself even says that "software vendors have long played a part in unintentionally increasing the attack surface for those who use their products and services. [It's moved] from the occasional [...] mishap to a much more widespread and insidious problem." 

Perhaps it's because organizations still don't consider external identities as important as internal ones. Without a converged identity security platform such as Saviynt Identity Cloud and processes that ensure least privilege access for all identities, we expect incidents caused by third parties to increase. For any enterprise with partners, vendors or temporary employees, now is the time to see if your external identity management is up to par. 

GenAI requires organizations to evolve 

Generative AI (genAI) is in full swing in most organizations today: 71% as of late last year, according to McKinsey & Company, a 7% jump even from the beginning of last year. It's no surprise, since the technology has much to offer in efficiency and productivity gains, as well as quicker analysis for identifying trends and processing information.

But as with any new technology, there are risks. And because generative AI has so much to do with data — including the proprietary data your organization doesn't want others to have — genAI is inherently riskier. Many CISOs understand both sides of the AI coin; securing and governing AI is a recognized challenge and, often, a top priority in today’s enterprises.

But unfortunately, Verizon found that 89% of employees who are using generative AI on corporate devices are doing so outside of corporate purview. At Saviynt, we're certainly not against using genAI and AI-powered solutions — our identity security platform has intelligent, AI-enabled features, after all. 

What's dangerous about using genAI, especially public models, is the data your users may inadvertently provide. Once an AI model has your data, it uses it for everything, including providing answers to other users. If one of the employees using genAI outside your view chooses to discuss with an AI model something you don't want your competitors to know about, you can't unring that bell.

As genAI use grows, the risks increase with it. Your organization cannot wait to acknowledge the benefits and risks of AI. Now is the time to secure your non-human identities and what they have access to with an identity security platform with robust machine and non-human identity management capabilities. 

The future of identity security 

As Verizon’s yearly report clearly shows, the need for modern, forward-thinking identity security in enterprises has never been higher. At Saviynt, we’re dedicated to innovation and ensuring our platform and our customers are ready for the risks new technology often brings. 

In fact, we just revealed the next evolution in our platform: Identity Security Posture Management, a huge step forward for identity security. Read more about it here.
