Breaking News
Rubrik Zero Labs’ new research has revealed a striking shift inside modern enterprises: AI bots and automated agents now outnumber human users by an astonishing 82 to 1, dramatically expanding the identity attack surface and reshaping how cyberattacks unfold. The company warns that this explosion of non-human identities (NHIs) — everything from AI agents to service accounts and machine-to-machine connectors — is creating a new class of risks that most organisations are unprepared to manage.
According to the report, as enterprises aggressively adopt AI to automate workflows, customer support, coding and internal processes, these AI-driven identities are becoming both indispensable and dangerously vulnerable. While CIOs and CISOs are investing heavily in IAM tools, Rubrik argues that identity protection has not kept pace with identity growth — especially when it comes to NHIs.
“Attackers are now frequently targeting both human and non-human identities. It's the fastest route to critical systems and data,” said Ashish Gupta, Managing Director, India & Head of Engineering at Rubrik. He added that Indian enterprises, which typically run complex hybrid identity setups across Active Directory, cloud providers, SaaS platforms and internal AI agents, now face far more points of failure than ever before.
The research notes that 86% of organisations have already integrated AI agents into their identity systems, and another 12% plan to do so soon. Security leaders expect this to directly shape the threat landscape: 56% believe that at least 30% of cyberattacks next year will be driven by agentic AI tools capable of automated reconnaissance, credential theft and lateral movement.
This rapid surge in machine identities is also eroding confidence in recovery. Only 32% of Indian organisations believe they can fully recover from a cyber incident within 12 hours, while 34% say it would take them more than two days to restore operations after an identity-based attack. With ransomware still rampant, Rubrik’s data shows that 91% of affected Indian firms ended up paying ransom — either to recover their data or to stop the attack.
Industry voices echoed the urgency. “I could have unlimited technology in place. But if someone socially engineers our support desk to hand over admin passwords, that’s the end of the game,” said Andrew Albrech, CISO at Domino’s. “That’s why identity resilience is key.”
Globally, the concern is cascading into major organisational shifts. The report says 89% of companies intend to hire specialists specifically for identity security in the next 12 months, while 87% are actively replacing or re-evaluating their identity and access management (IAM) providers, largely due to security concerns.
Rubrik’s Chief Transformation Officer, Kavitha Mariappan, summarised the rising challenge: “Attackers are no longer breaking in — they’re logging in. Managing identities in the era of AI has become a complex endeavour, especially with the labyrinth of NHIs. We’re facing an under-the-radar crisis where a single compromised credential can expose an organisation’s most sensitive data.”
With AI adoption accelerating, Rubrik warns that identity resilience — not just identity management — will determine how well organisations can withstand the next wave of cyberattacks. And if the 82:1 ratio is any indicator, that wave is already here.
According to the report, as enterprises aggressively adopt AI to automate workflows, customer support, coding and internal processes, these AI-driven identities are becoming both indispensable and dangerously vulnerable. While CIOs and CISOs are investing heavily in IAM tools, Rubrik argues that identity protection has not kept pace with identity growth — especially when it comes to NHIs.
“Attackers are now frequently targeting both human and non-human identities. It's the fastest route to critical systems and data,” said Ashish Gupta, Managing Director, India & Head of Engineering at Rubrik. He added that Indian enterprises, which typically run complex hybrid identity setups across Active Directory, cloud providers, SaaS platforms and internal AI agents, now face far more points of failure than ever before.
The research notes that 86% of organisations have already integrated AI agents into their identity systems, and another 12% plan to do so soon. Security leaders expect this to directly shape the threat landscape: 56% believe that at least 30% of cyberattacks next year will be driven by agentic AI tools capable of automated reconnaissance, credential theft and lateral movement.
This rapid surge in machine identities is also eroding confidence in recovery. Only 32% of Indian organisations believe they can fully recover from a cyber incident within 12 hours, while 34% say it would take them more than two days to restore operations after an identity-based attack. With ransomware still rampant, Rubrik’s data shows that 91% of affected Indian firms ended up paying ransom — either to recover their data or to stop the attack.
Industry voices echoed the urgency. “I could have unlimited technology in place. But if someone socially engineers our support desk to hand over admin passwords, that’s the end of the game,” said Andrew Albrech, CISO at Domino’s. “That’s why identity resilience is key.”
Globally, the concern is cascading into major organisational shifts. The report says 89% of companies intend to hire specialists specifically for identity security in the next 12 months, while 87% are actively replacing or re-evaluating their identity and access management (IAM) providers, largely due to security concerns.
Rubrik’s Chief Transformation Officer, Kavitha Mariappan, summarised the rising challenge: “Attackers are no longer breaking in — they’re logging in. Managing identities in the era of AI has become a complex endeavour, especially with the labyrinth of NHIs. We’re facing an under-the-radar crisis where a single compromised credential can expose an organisation’s most sensitive data.”
With AI adoption accelerating, Rubrik warns that identity resilience — not just identity management — will determine how well organisations can withstand the next wave of cyberattacks. And if the 82:1 ratio is any indicator, that wave is already here.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
