Skip to main content
close search
site logo
Dive Brief

AI agents emerge as potential targets for cyberattackers

Digital entities, including bots and agents, pose a growing cybersecurity risk for enterprises, researchers found.

Published April 8, 2025
Alexei Alexis's headshot
Reporter
close up programmer man hand typing on keyboard laptop for register data system or access password at dark operation room , cyber security concept - stock photo
Chainarong Prasertthai via Getty Images

First published on

CFO Dive
This audio is auto-generated. Please let us know if you have feedback.

Dive Brief:

  • Digital entities such as bots and AI agents are fast emerging as prime targets for cyberattacks as organizations rapidly increase their reliance on them, cybersecurity firm Delinea said in a recent report.
  • For every human identity, there are about 46 so-called “non-human identities,” with the number of NHIs projected to exceed 45 billion by the end of 2025, “illustrating their pervasive presence in modern infrastructures,” according to the research.
  • “While human identities remain a primary attack target, non-human identities (NHI) have quietly become an equally critical — and often overlooked — security risk,” the report said.

Dive Insight:

The findings come as leading U.S. enterprise software providers including Microsoft and SAP have begun rolling out AI agents designed to perform tasks in corporate finance and other business functions. 

NHIs are digital identities for applications, services or devices, used by organizations to execute automatic machine-to-machine operations, according to a CrowdStrike article. They expand an organization’s cybersecurity risks because each machine identity presents a potential entry point for attackers, the article said.

“With seemingly countless NHIs deployed across modern organizations, it is easy for NHIs to be overlooked in security strategies, introducing a higher risk of unauthorized access,” it said.

The nonprofit Cloud Security Alliance in September published a study finding that nearly one in five organizations had experienced a security incident related to NHIs.

Despite their importance, NHIs are often neglected in security practices, according to Delinea.

Over 70% of NHIs are not “rotated” or replaced within recommended timeframes, leaving them vulnerable to exploitation, the Delinea report said, citing data from Entro Labs, a research arm of cybersecurity startup Entro Security. Additionally, 97% of organizations expose their NHIs to third-party vendors, increasing the risk of unauthorized access.

“As attackers refine their techniques to target identity systems, the combination of unrotated credentials and widespread third-party access creates a growing and dangerous vulnerability,” the report said.

Filed Under: IT Strategy, Security

Editors' picks

Company Announcements

View all | Post a press release
Snowflake Achieves Department of Defense IL5 Authorization, Furthering Position as the Trusted…
From Snowflake
April 10, 2025
Julius Silvert Selects Comcast Business to Power the Future of Food Distribution
From Comcast Business
March 31, 2025
InterVision Achieves Multiple NetApp Solution Competencies
From InterVision
March 27, 2025
CloudBolt Extends Continuous Optimization to Kubernetes Through Strategic Acquisition of Storm…
From CloudBolt Software
March 31, 2025
Editors' picks
Latest in IT Strategy
Industry Dive is an Informa TechTarget business.
© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.