86% of KSA Organisations Experienced at Least Three Successful Identity-related Breaches

Riyadh – Asdaf News:

CyberArk, a Palo Alto Networks Company, the global cybersecurity leader, has released landmark new research revealing that 86% of KSA organisations experienced at least three successful identity-related breaches in the last 12 months. The Identity Security Landscape Report 2026 reveals the expansion of attack surfaces and risk exacerbated by agentic identities.

The study found that machine identities now outnumber humans 127 to 1 in KSA, compared to an EMEA average ratio of 110:1, which itself marked an increase of 36% on 2025. The increase in machine identities has been driven by AI identities, with the number expected to grow faster than both human and machine identities. KSA organisations are expecting a steep rise in the number of identities they use over the next 12 months across:

• Human identities (72% expect growth in this area)
• Machine identities (86% expect growth in this area)
• AI identities (82% expect growth in this area)

The main factors driving the increase in identities over the next 12 months in KSA are: AI & LLMs (57% expect growth in this area), machine identities such as IoT and bots (57% expect growth in this area), more human employees (43%) and the adoption of more cloud applications (40% expect growth in this area). With digital expansion overtaking workforce growth as the main driver of identities, organisations need to rethink how identity risk is managed. As a result, there is increasing pressure to extend visibility, control and governance across an increasingly complex identity mix.

At the enterprise level, identity threats are now a sustained operational reality, not isolated incidents, where 94% of KSA organisations have experienced an identity-related breach. Security professionals acknowledge that identity complexity is outpacing control. For instance, KSA organisations are slightly better prepared than their EMEA counterparts for impending shortening of certificate lifecycles, with 62% of KSA organisations not fully automating renewals and monitoring across all certificate environments compared to the EMEA average of 76%. These incomplete automation risks are turning operational strain into financial and security exposure, with the expected financial impact of this for a KSA-based organisation being SAR837,701 ($223,387).

Other key stats from the research include:

• In the KSA, 43% of AI agents and 44% of machine identities have access to their organisation’s data, on average, which may include sensitive information such as financial records or high value systems.
• Only a minority of KSA organisations use behavioural monitoring and credential revocation for their autonomous AI agents (50% and 38% respectively), conversational AI agents (50% and 32% respectively) and Gen AI agents (42% and 40% respectively).
• The vast majority (90%) of KSA respondents agree that fragmented identity systems and tools are impacting or delaying their organisation’s ability to detect and respond to identity-related threats.

Laurence Elbana,Sales Director, Identity – Middle East and North Africa, Palo Alto Networks,says, “The explosion of machine identities in KSA and across the EMEA region represents a fundamental shift in the enterprise attack surface. With AI-driven identities projected to continue accelerating in the next year, organisations are facing a reality where identity complexity is rapidly outpacing traditional security controls.

“The fact that 94% of organisations have suffered an identity-related breach in KSA, proves that as AI agents gain more access to sensitive data, security leaders must move beyond manual processes. To close the gap, organisations must embrace end-to-end automation and unified governance. Otherwise, the risks of expanding AI and machine identities will only continue to intensify.”

The path forward is clear: As machine and AI identities become the primary inhabitants of enterprises, organisations must transition from fragmented, manual oversight to a unified, automated identity security approach. Managing the 127:1 machine identity to human ratio requires a platform-driven strategy that allows organisations to keep pace with innovation whilst securing every entity, human, machine, or agent.