Close Menu

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Amid hardware legal battle, OpenAI releases a $230 keyboard for Codex

    July 16, 2026

    iOS 27 breaks 15 years of muscle memory on iPhone and iPad

    July 16, 2026

    It’s deeply disturbing.’ What a new report says about risks Google’s AI search features pose to kids

    July 16, 2026
    Facebook X (Twitter) LinkedIn
    Trending
    • Amid hardware legal battle, OpenAI releases a $230 keyboard for Codex
    • iOS 27 breaks 15 years of muscle memory on iPhone and iPad
    • It’s deeply disturbing.’ What a new report says about risks Google’s AI search features pose to kids
    • Scams don’t respect borders, Sri Lanka says neither should the response
    • sixn.ai wins at Asia’s largest AI Hackathon, putting SL on global Agentic AI map
    • Sri Lanka marks high-level engagement at world’s largest AI Summits in Geneva
    • CSSL celebrates 50 years of leadership in shaping Sri Lanka’s digital future
    • Visa Sri Lanka holds Cybersecurity Conclave 2026
    Facebook X (Twitter) LinkedIn
    Techie.LKTechie.LK
    Demo
    • Home
    • Local
      1. AI & Machine Learning
      2. Consumer Tech
      3. Cybersecurity
      4. Enterprise Tech
      5. Fintech & Digital Payments
      6. GovTech & e-Governance
      7. Legal & Regulatory Tech
      8. Science & Innovation
      9. Startups & Venture
      10. Telecom & Connectivity
      Featured

      sixn.ai wins at Asia’s largest AI Hackathon, putting SL on global Agentic AI map

      By Techie.lkJuly 16, 20260
      Recent

      sixn.ai wins at Asia’s largest AI Hackathon, putting SL on global Agentic AI map

      July 16, 2026

      Sri Lanka marks high-level engagement at world’s largest AI Summits in Geneva

      July 16, 2026

      CSSL celebrates 50 years of leadership in shaping Sri Lanka’s digital future

      July 16, 2026
    • International
      • AI & Machine Learning
      • Consumer Tech
      • Cybersecurity
      • Enterprise Tech
      • Fintech & Digital Payments
      • GovTech & e-Governance
      • Legal & Regulatory Tech
      • Science & Innovation
      • Startups & Venture
      • Telecom & Connectivity
    • Interviews
    • Profiles
    • Analysis
    • Contributors
    • Podcasts
    • More
      • About Us
      • Contact Us
    Techie.LKTechie.LK
    Home»International»71% of organizations suffered at least one identity breach in the past year: Sophos
    International

    71% of organizations suffered at least one identity breach in the past year: Sophos

    Techie.lkBy Techie.lkMay 18, 2026Updated:June 1, 2026No Comments3 Views
    Facebook Twitter LinkedIn WhatsApp Reddit Tumblr Email
    Share
    Facebook Twitter LinkedIn

    Sophos, a global cybersecurity leader, today released the State of Identity Security 2026, a vendor-agnostic survey of 5,000 IT and cybersecurity leaders across 17 countries. The survey found that 71% of organizations suffered at least one identity-related breach in the past year, and on average organizations reported three separate incidents. Repeat victimization reached a notable level, with 5% even reporting six or more breaches. These attacks are driven primarily by human error and weak management of non-human identities (NHIs), a challenge that is accelerating rapidly as agentic AI accelerates attack processes.

    Two thirds of the ransomware victims (67%) responding to this survey confirmed their ransomware incident stemmed from an identity attack, establishing identity compromise as a primary delivery mechanism for ransomware. Sophos X-Ops researchers have observed this consistently over the past year. The financial consequences are steep: the mean recovery cost reached $1.64 million, with a median of $750,000, and 73% of those affected faced costs of $250,000 or more.

    “Identity has become the primary attack surface in modern cybersecurity, and this data shows most organizations are losing ground,” said Ross McKerchar, chief information security officer, Sophos. “The non-human identity problem is particularly urgent. AI agents are being granted privileges faster than security teams can track them, and organizations that fail to get ahead of this will find it an increasingly costly gap to close.”

    Additional Key Findings from the State of Identity Security 2026:

    • Data and Financial Theft Dominate Breach Fallout: Overall, 10% of organizations reported an identity breach that impacted their business in the last year with the primary consequences being data theft (49%) and ransomware (48%), and financial theft (47%)
    • Visibility Remains a Critical Weakness: Only 24% of organizations continually monitor for unusual login attempts, and more than half check every three months or less.
    • Detection Gaps Persist: 14% of breached organizations could not detect and stop their most significant identity attack before damage was done. Smaller organizations (100–250 employees) were nearly twice as likely to fail at detection as mid-sized peers.
    • Critical Infrastructure Most Exposed: Energy, oil/gas, and utilities (80%) and federal/central government (78%) reported the highest breach rates across all industries surveyed.
    • Compliance Struggles Signal Broader Risk: Organizations that found compliance requirements very challenging had a breach rate of 82.4%, a full 14 percentage points higher than those with lower compliance difficulty (68.3%).

    Human error (employees tricked into providing credentials) was cited in nearly 43% of incidents. Weak NHI management, including API keys stored in code, static credentials, and orphaned service accounts, was cited in 41%. Organizations with weak NHI management are 22% more likely to experience financial theft and pay approximately $150,000 more to recover than average.

    The NHI management problem is intensifying. AI agents can autonomously spin up sub-agents, each generating new credentials with broad, persistent access and inconsistent human oversight. Existing identity frameworks were not built for this, and organizations are already behind: only 1 in 3 organizations regularly rotate or audits service accounts and non-human identities, and just 11% do so continuously.

    Recommendations to Reduce Identity-based Risks

    To reduce exposure to identity-related attacks, organizations should implement a multi-layered approach covering both human and non-human identities. Essential steps include enforcing Multi-Factor Authentication (MFA) for all user accounts, applying least-privilege access principles, and disabling or removing inactive identities promptly.

    For non-human identities specifically, organizations should inventory and classify all NHIs, replace long-lived credentials with short-lived alternatives, and implement secrets management platforms to manage NHI credentials at scale. As agentic AI accelerates NHI proliferation, deploying Identity Threat Detection and Response (ITDR) capabilities and adopting a Zero Trust security model are increasingly critical layers of defense.

    The State of Identity Security 2026 report comes from a vendor-agnostic survey conducted in Q1 2026 of 5,000 IT and cybersecurity leaders across 17 countries, including the U.S., U.K., Germany, France, Australia, Japan, India, and Brazil, in organizations with 100 to 5,000 employees across 14 industries.

    Share. Facebook Twitter LinkedIn
    Techie.lk
    • Website

    Related Posts

    Amid hardware legal battle, OpenAI releases a $230 keyboard for Codex

    July 16, 2026

    iOS 27 breaks 15 years of muscle memory on iPhone and iPad

    July 16, 2026

    Galaxy Z Flip 8 may be the final Galaxy Z Flip phone, another leak says

    July 13, 2026
    Leave A Reply Cancel Reply

    Demo
    Top Posts

    Sri Lanka’s USD 2.5 Million Cyber Fraud: Investigations Underway as Questions Emerge Over Payment Process

    April 23, 20268

    Sampath Bank and Apartner Bring Digital Payments to Sri Lanka’s Growing Condominium Sector

    March 16, 20268

    Moose Fan App gains significant traction throughout T20 World Cup

    March 12, 20267

    LankaPropertyWeb Unveils “Apartment Finder”: A Game-Changer in the Real Estate Market

    March 10, 20266
    Don't Miss
    International

    Amid hardware legal battle, OpenAI releases a $230 keyboard for Codex

    By Techie.lkJuly 16, 20260

    OpenAI is officially entering the hardware market with the launch of a $230 light-up keyboard designed to…

    iOS 27 breaks 15 years of muscle memory on iPhone and iPad

    July 16, 2026

    It’s deeply disturbing.’ What a new report says about risks Google’s AI search features pose to kids

    July 16, 2026

    Scams don’t respect borders, Sri Lanka says neither should the response

    July 16, 2026
    Stay In Touch
    • Facebook
    • Twitter
    • LinkedIn

    Subscribe to Updates

    Get the latest creative news from SmartMag about art & design.

    Demo
    About Us
    About Us

    Your source for the lifestyle news. This demo is crafted specifically to exhibit the use of the theme as a lifestyle site. Visit our main page for more demos.

    We're accepting new partnerships right now.

    Email Us: techielkeditor@gmail.com
    Contact: +94 77 328 0773

    Facebook X (Twitter) LinkedIn
    Our Picks

    Amid hardware legal battle, OpenAI releases a $230 keyboard for Codex

    July 16, 2026

    iOS 27 breaks 15 years of muscle memory on iPhone and iPad

    July 16, 2026

    It’s deeply disturbing.’ What a new report says about risks Google’s AI search features pose to kids

    July 16, 2026
    Most Popular

    Sri Lanka’s USD 2.5 Million Cyber Fraud: Investigations Underway as Questions Emerge Over Payment Process

    April 23, 20268

    Sampath Bank and Apartner Bring Digital Payments to Sri Lanka’s Growing Condominium Sector

    March 16, 20268

    Moose Fan App gains significant traction throughout T20 World Cup

    March 12, 20267
    © 2026 Techie. Designed by NIKO.
    • Terms & Conditions
    • Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.