99% of companies are vulnerable: CyberArk study on security in the age of AI

CyberArk, a global leader in identity security, has released the results of a global study on new threats in the era of Agentic AI. The main conclusion is alarming: despite the rapid growth of machine identities, only 1% of organizations have fully adopted the Just-in-Time (JIT) access model.

Key research insights

The survey involved 2,400 cybersecurity specialists from 18 countries. The data shows that traditional protection methods can no longer handle the load created by AI agents.

93% of organizations experienced two or more identity-related security breaches in the past 12 months.

The main problem lies in "Standing Privileges." These are access rights that are active constantly, 24/7, even when not needed by a user or machine. This creates an ideal environment for attackers.

Comparison of access approaches

CyberArk experts advocate for transitioning to the Zero Standing Privileges (ZSP) concept. Let’s examine how the old model differs from the recommended one.

Traditional access (Standing Privileges)

• Access rights are always active.
• High risk of account compromise.
• Difficult to track the legitimacy of AI bot actions.

Just-in-Time access (Recommended)

• Rights are granted only at the moment of task execution.
• Access is revoked automatically after the session ends.
• Minimization of the attack surface for humans and AI agents.

Why this matters now

68% of respondents confirmed that the use of AI agents is a key driver for changing cybersecurity strategies. Machines work faster than humans, and their numbers are growing exponentially. If their privileges are not controlled, every "smart" assistant can become an entry point for a hacker.

Softprom, as an official distributor of CyberArk, offers solutions to implement Least Privilege and Just-in-Time access strategies to protect your infrastructure.