NO SURPRISE: AI helping identify theft!

SCWorld.com reported “Security leaders and practitioners face new and increasingly complex identity‑based threats including phishing, credential theft, deepfakes, and privilege misuse.” The December 19, 2025 article entitled “Identity: the new battleground in our emerging AI world” (https://tinyurl.com/ynhp5tbh) included these comments:

Nearly 80% of detections in CrowdStrike’s 2025 Global Threat Report were malware‑free, indicating that attackers relied on other techniques, such as social engineering and stolen credentials, to impersonate legitimate users, bypass controls, and escalate privileges.

To better understand the challenges organizations face today, we gathered insights from attendees at three major global cybersecurity conferences in 2025: Black Hat USA in Las Vegas; Infosecurity Europe in London; and the it-sa Expo&Congress in Nuremberg. Across all regions, practitioners cited identity as the new perimeter.

Survey respondents consistently reported that identity‑based threats now surpass all other cyber risks. Phishing, credential theft, deepfakes, and privilege misuse ranked ahead of ransomware as the most likely sources of major breaches over the coming year. At Black Hat USA, 45% identified phishing as their primary concern and 41% cited deepfakes. Infosecurity Europe mirrored those results with phishing as the top identity-based threat for 50% of respondents and deepfakes for 42%.

These statistics reflect real‑world, costly incidents. The September 2025 Jaguar Land Rover (JLR) cyberattack demonstrates how identity‑based techniques, including vishing and credential theft, can cripple an organization’s global operations. Threat actors from Scattered Spider, Lapsus$ and ShinyHunters infiltrated JLR’s IT environment, causing severe production shutdowns and supply chain disruptions.

Digital identities have proliferated as hybrid, multi‑cloud and AI‑enabled environments expand. Every user, device and non‑human identity (NHI) represents a potential entry point. Outdated authentication methods and incomplete identity governance heighten exposure, making modernization an urgent priority.

Are you surprised?