A new report from CyberArk, now part of Palo Alto Networks, reveals that AI and machine identities are rapidly reshaping enterprise attack surfaces across EMEA. At the same time, identity-related breaches are on the rise and many organizations still lack automated security processes to manage the growing risks.
Research from CyberArk finds that AI and machine identities are significantly increasing complexity and risk within corporate IT environments.
CyberArk’s latest study shows that 80 percent of organizations across EMEA experienced at least three successful identity-related breaches in the past 12 months. The Identity Security Landscape Report 2026 details how attack surfaces and risks expand as AI-driven and autonomous identities proliferate.
Sharp increase in machine identities
The study reveals there are now 110 machine identities for every human identity in EMEA, up from 83 a year ago — a 36 percent increase. This trend is driven primarily by AI identities, which are expected to grow faster than both human and traditional machine identities.
Organizations across EMEA also expect identity counts to rise significantly over the next 12 months: 87 percent anticipate more AI identities, 84 percent expect an increase in machine identities, and 64 percent foresee more human identities.
Key drivers include AI and large language models, machine identities such as IoT devices and bots, and expanded use of cloud applications.
Because digital expansion — rather than headcount growth — now fuels identity growth, organizations must rethink how they manage risk. This increases the need for visibility, control, and governance.
Identity-related threats becoming routine
According to the report, identity-related threats are now a constant operational reality for businesses in EMEA. Overall, 91 percent of organizations report experiencing at least one identity-related breach.
Security leaders also report that identity complexity is evolving faster than their organizations’ ability to control and mitigate those risks.
EMEA is identified as the least prepared region for the upcoming shortening of certificate lifecycles. Seventy-five percent of organizations still lack full automation for certificate renewal and monitoring. The estimated financial impact for an organization in EMEA is calculated at €213,262.
AI agents gaining access to sensitive data
The report also finds that nearly two in five AI agents and machine identities on average have access to organizational data, including sensitive information like financial records and business-critical systems.
Yet only a minority of organizations use behavior monitoring and automated credential revocation for autonomous and generative AI agents.
Furthermore, 82 percent of respondents in EMEA say fragmented identity systems and tools make it harder for their organizations to detect and respond to identity-related threats.
“Traditional security controls are no longer enough”
– The explosion of machine identities represents a fundamental change to enterprise attack surfaces. As AI-driven identities continue to grow, organizations face a reality where identity complexity quickly outpaces what traditional security controls can manage, says Renske Galema.
She adds:
– That 91 percent of organizations in EMEA experienced an identity-related breach shows security leaders must move beyond manual processes as AI agents gain access to increasingly sensitive data. To reduce risk, organizations need comprehensive automation and unified governance.
Need for unified identity security
As machine and AI identities become more common in enterprise environments, organizations must shift from fragmented, manual controls to a unified, automated identity security strategy.
Managing the 110:1 ratio of machine to human identities requires, the report argues, a platform-based approach that balances innovation with strong protection for people, machines, and AI agents.
Note: CyberArk’s identity security work continues under the Idira™ name as part of Palo Alto Networks.
Idira and the future of AI-driven identity security
The transition from CyberArk to Idira reflects a strategic shift in identity security where AI, autonomous identities, and machine identities become central components of enterprise cybersecurity strategies. This shift also raises demand for automated identity management, Zero Trust approaches, and AI-driven security governance in modern hybrid and cloud environments.
Implications for Swedish businesses
Swedish companies face rapidly increasing risks related to AI identities, machine identities, APIs, IoT devices, and autonomous AI agents. The report highlights that traditional security models are insufficient as identity volumes grow exponentially across hybrid and cloud-based environments.
Implications for Nordic MSPs
Nordic MSPs, MSSPs, and security partners will face higher expectations for automated identity security, AI governance, certificate management, and privileged access controls. Demand for PAM, IAM, Zero Trust, and AI security solutions is expected to rise sharply as more organizations adopt AI-driven operational environments.
Risks and opportunities
The surge of AI and machine identities creates new attack surfaces that many traditional security solutions cannot fully address. At the same time, organizations that invest in automated identity security, AI-driven risk management, and modern cybersecurity platforms can gain a competitive advantage.
CyberArk has officially transitioned to Idira™
For those who have followed CyberArk, this marks the continuation of its mission under the Idira™ brand. Going forward, Idira will serve as a primary source for developments at the intersection of identity security, AI, and the digital enterprise.