SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image

Cybersecurity in 2025: Rise of non-human identities

Today

Entro Security and YL Ventures have independently released their predictions for the cybersecurity landscape in 2025, emphasising the rapid growth of non-human identities (NHIs) and key sectors poised for transformation through technological advancements.

Entro Security has unveiled its inaugural cybersecurity forecast for 2025, highlighting the increasing prominence of NHIs in cybersecurity strategies. The report authored by Itzik Alvas, Chief Executive Officer and Co-Founder of Entro Security, anticipates that NHIs will significantly outnumber human identities, becoming a critical focus for chief information security officers (CISOs).

Data from Entro Security Labs indicates that NHIs currently outnumber human identities by 92 to 1 in enterprise settings. This ratio is expected to grow as organisations continue to adopt automation and cloud technologies. The presence of NHIs such as API keys, service accounts, and cloud tokens is integral to digital operations but poses a substantial security risk due to their often-overlooked status.

"NHIs are often overlooked in the cybersecurity landscape, however, they play a critical role in cloud operations, SaaS integrations and development pipelines," said Itzik Alvas. "Their exponential growth, combined with insufficient management practices, makes them a prime target for attackers. CISOs must prioritize NHI lifecycle management as a strategic initiative and investment in 2025."

The role of artificial intelligence (AI) in managing and securing NHIs is expected to expand significantly. AI tools will enhance the ability to detect vulnerabilities and misuse of machine identities, offering real-time monitoring for anomalies and potential breaches.

AI's influence will also extend to identity and access management (IAM), transitioning systems from traditional methods to more dynamic, context-aware models. This evolution will involve AI-driven analysis of behaviour patterns to govern access rights, providing more immediate responses to security threats.

Managing the lifecycle of NHIs will remain a critical issue for enterprises, necessitating the adoption of comprehensive management solutions. Effective strategies will involve continuous discovery, real-time inventory, and anomaly detection to avert emerging security threats.

"In a world where NHIs outnumber human identities, managing their lifecycle and securing digital identities will be one of the most pressing challenges in cybersecurity," stated Alvas. "This year, we've already seen several high-profile breaches attributed to insecure machine identities. In 2025, failure to properly manage these identities could have serious consequences for businesses and their customers."

The implementation of a zero-trust architecture will remain crucial in addressing the security challenges posed by NHIs, requiring rigorous inventory management, access controls, and regular protocol updates.

Separately, YL Ventures has highlighted several emerging sectors in cybersecurity that are expected to grow in 2025. The firm points to the integration of AI in security operations (SecOps) and identity management as transformative, leading to enhanced operational efficiency and security.

YL Ventures notes that SecOps is leading the way in AI adoption, with significant potential to revolutionize the responsiveness and resilience of security infrastructures. This approach anticipates an increase in AI-based threats, driving a need for comprehensive, proactive security solutions.

The importance of securing NHIs is also emphasised by YL Ventures, referencing data from CyberArk that indicates machine identities outnumber human identities by 45 to 1. In light of high-profile security incidents and the current lack of adequate management practices, investment in NHI security is seen as vital.

Cloud security continues to advance, with new startups emerging to address growing complexities within cloud environments. This sector promises ongoing innovation and funding growth in 2025.

Data Loss Prevention (DLP) adaptations are also on the horizon, responding to challenges such as remote work and extensive data management requirements. Future DLP solutions will focus on AI-driven classification and advanced data protection measures.

"The cybersecurity landscape is evolving rapidly, driven by the exponential growth of machine identities, the need for efficiency in security operations and the persistent challenges of securing sensitive data," commented Ofer Schreiber, Senior Partner at YL Ventures. "The substantial increase in investor interest in these three cybersecurity domains underscores the industry's maturity and the pressing need for efficient, automated and proactive solutions to combat increasingly complex and sophisticated cyber threats. These sectors represent not just challenges but significant opportunities for innovation and investment in 2025."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X