In the modern cybersecurity landscape, the traditional network perimeter has dissolved. Today, identity as a perimeter keeps getting stronger and stronger.Â
As organizations accelerate cloud adoption and integrate AI systems, the number of digital identities, both human and non-human, has grown exponentially. Each credential, API key, and service account now represents a potential entry point for adversaries.
To understand the scale of this shift, we conducted a survey to examine the impact of identity threats. The survey consisted of 5,000 IT and cybersecurity leaders across 17 countries and 14 industries. Of those organizations, 71% were hit by identity-related breaches in the last year. So the findings reveal that identity-related breaches are no longer outliers; they’re now a primary challenge for modern defense.Â
Click here to access the full report now or continue reading for some highlights.
Identity breaches are the new normal
The research shows that identity-related security breaches are pervasive across all sectors.
- 71% of organizations experienced at least one identity-related breach in the past 12 months
- Affected organizations were hit by an average of three identity attacks within the year
- Geographically, Switzerland reported the highest breach rate at 89%, followed by Mexico at 83%
- The energy, oil/gas, and utilities sector saw the highest breach rate at 80%, while IT and technology organizations reported the lowest at 63%
The identity-to-ransomware pipeline
One of the most critical findings is the direct link between identity compromise and ransomware. Attackers are increasingly using stolen credentials as their primary mechanism for delivery.
Two-thirds of ransomware victims (67%) reported that their ransomware incident was directly tied to their most significant identity attack. This establishes a clear pipeline where a single compromised account can lead to full-scale business paralysis.
The rising risk of non-human identities
While human error remains a top contributor to breaches, the mismanagement of non-human identities (NHIs) has emerged as an escalating threat. NHIs – including API keys, service accounts, and AI agents – often outnumber human identities by ratios as high as 100:1.
- Weak NHI management was a root cause in 41% of successful identity breaches
- Agentic AI is a major driver of this risk, as AI agents can autonomously create new credentials and demand broad, persistent access without human oversight
- Despite the risk, only 34% of organizations regularly audit or rotate service accounts and NHIs
The financial toll of failure
When identity defenses fail, the financial impact is severe. The average cost to rectify a successful identity breach is $1.64 million, with nearly half of all victims suffering data theft or ransomware as a direct consequence.
The data also highlights a resource gap: smaller organizations (100–250 employees) were nearly twice as likely to fail to detect an identity attack compared to organizations with over 1,000 employees.
Read the report
The 2026 data serves as a reminder that identity security is a continuous operational discipline, not a one-time project. To defend against these evolving threats, organizations must move beyond basic hygiene and implement multi-layered defenses, such as enforcing MFA for all accounts and adopting a Zero Trust security model.For a deeper dive into industry-specific data and comprehensive security recommendations, you can read the full State of Identity Security 2026 report.
About Author
