Dive Brief:
- The evolving threat landscape has placed identity governance at the center of cybersecurity, according to a pair of reports released this week, meaning that organizations should prioritize identity management as a way to protect sprawling computer networks from under-the-radar intrusions.
- Cloudflare’s report, released Wednesday, and PwC’s report, released Tuesday, both emphasize the need for companies to do a better job of monitoring user behavior and scanning for suspicious network activity.
- The rise of AI makes identity governance even more important, researchers wrote, as the technology helps hackers improve their impersonation tactics.
Dive Insight:
In the past, intrusion prevention primarily took the form of vulnerability management, with intrusion detection focused on prowling for exploitation of digital flaws or suspiciously repetitive login attempts. Today, security researchers say, identity abuse makes it easier for hackers to break into a system without tripping alarms.
The most familiar identity-compromise tactics involve stealing passwords by phishing users or scanning databases of leaked credentials. But as Russia’s SolarWinds supply-chain attack demonstrated, sophisticated attackers can also forge authentication tokens and bypass traditional login processes entirely.
“Adversaries across a wide range of motivations are increasingly choosing to log in rather than break in, exploiting credentials, session tokens, and federated access to bypass traditional perimeter defences,” PwC researchers wrote in their annual threat report, which declared that “identity is the key battleground” in the modern threat environment.
Of course, token forgery is rarely necessary, as social-engineering attacks regularly yield credentials that can help hackers establish footholds in target networks and move laterally from there. Other intrusions — like those of the Scattered Spider cybercrime gang — involve tricking IT help desks into handing over sensitive data. Meanwhile, North Korea has perfected another form of identity-based attack by convincing Western businesses to hire its operatives for remote IT jobs.
“As organizations expand their SaaS ecosystems and cloud dependencies, the attack surface is widening — with a single compromised identity capable of unlocking cascading access across entire environments,” PwC said. “Treating identity governance as a strategic, board-level priority — not a technical checkbox — will be critical to staying ahead of the field.”
Cloudflare’s annual Security Signals report also spotlights the importance of identity management. Of all the email-based threats that the company detected last year, 19% involved identity deception, making it the second most commonly observed threat category after malicious links.
Identity-based attack campaigns “exploit trust signals rather than technical vulnerabilities,” Cloudflare noted.
The company echoed warnings that AI is helping hackers improve the quality of attacks.
“As AI lowers the cost of producing convincing, personalized deception,” researchers wrote, “governance must extend beyond model oversight to authentication, identity integrity, and decision traceability.”
Identity management isn’t just for humans anymore. Cloudflare also encouraged companies to prioritize identity governance for their AI agents.
“Non-human identities — AI agents, service accounts, bots — now outnumber human users by orders of magnitude,” the company said in its report. “Yet most enterprises still govern identity as if people are the primary actors.”