Artificial intelligence can be both an advantage and a risk, according to the new Cisco Duo “2025 State of Identity Security” report, based on surveys to 325 responsible for IT and security in Europe, among others. The most prominent fact is that 34% of managers consider that the phishing promoted by AI will be one of the main threats for digital identity in 2025. However, at the same time, AI is also helping to modernize the protection of identities. In fact, 87% of European companies are already promoting specific security solutions in their networks to curb AI -based attacks.
RISKS FOR IDENTITY SAFETY
Although managers recognize the importance of identity security, there are great gaps in terms of trust and execution. According to the report, only 34% of European managers believe that their current identity provider (IDP) can prevent attacks on identities. This is due, among other factors, to the complexity of the systems and the lack of transparency on possible vulnerabilities.
96% of managers affirm that a complex identities infrastructure compromises the global security of their organization. In addition, 88% recognize that they do not have a complete vision of identity risks within their company. It is not surprising: on average, IT and security equipment use five different tools to solve a problem related to identity.
The consequences can be expensive. 48% of those responsible for decision making have suffered economic losses due to identity theft. In response to this threat, 76% have already increased their investment in identity security for 2025.
Constant pHishing and gaps in MFA
The constant threat of phishing underlines the need for a safe implementation of multifactor authentication (MFA). However, although 88% of managers consider PHIsing resistant with MFA, only 32% fully trust the effectiveness of their current controls against this type of attack.
96% of managers say that a complex identities infrastructure compromises the global security of their organization
However, 42% of European companies have already implemented tokens Fido2 for phishing resistant MFA. Hardware tokens that meet the standards of the Fido Alliance (Fast Identity Online) connect to the computer, for example, as a USB memory, and offer a high level of security because the private key remains on the device. However, these tokens are usually reserved for privileged users due to the effort involved in their management (59%), the cost of hardware (47%) and the need for additional training (44%). At least 52% of managers want to implement access without password, although they foresee challenges in implementation.
70% seek to consolidate suppliers, also to improve transparency in real time
There are several obstacles when protecting identities. 80% of you recognize that identity safety solutions are added to the infrastructure as a complement, instead of integrating from the beginning. This can generate additional costs, greater complexity and lower transparency. To improve this situation, 70% of the teams are actively consolidating suppliers.
In addition, real -time visibility of identities and devices behavior is essential for security equipment and IT to make informed decisions. In fact, 53% of companies have already completely integrated identity telemetry and devices.
“Companies need modern identity solutions that prioritize security without sacrificing the user experience,” says Andreu Vilamicitjana, general director of Cisco for Spain and Portugal. “Only an identities and access management (IAM) oriented to safety in the corporate network guarantees solid identity protection against attacks based on AI,” he continues to say.
