A new report by CyberArk reveals that 92% of Hong Kong organisations overlook machine identities despite the rise of AI and cloud technologies.
According to the 2025 Identity Security Landscape, machine identities now outnumber human ones 82 to 1, yet most organisations only define “privileged users” as humans, despite half of machine identities having sensitive access.
The report shows that 95% of Hong Kong companies experienced at least two identity-related breaches in the past year, surpassing the global average. Meanwhile, 67% lack security controls for AI tools and nearly half can’t secure shadow AI within their systems.
Race to embed AI
“The race to embed AI into environments has inadvertently created a new set of identity security risks centred around the access of unmanaged and unsecured machine identities,” said Clarence Hinton, chief strategy officer at CyberArk. “The privileged access of AI agents will represent an entirely new threat vector.”
CyberArk identified hybrid infrastructures, lack of governance, and shadow AI as the top causes of “identity silos,” which increase enterprise risk and compliance challenges. Some 66% of local respondents cited identity silos as a significant risk, while 73% admitted that business priorities often outweigh security concerns.
“As Hong Kong fortifies its cybersecurity framework… organisations are expected to elevate their resilience standards,” said Jack Poon, regional director for North Asia. “CyberArk is a trusted partner… helping them protect privileged access and stay ahead of today’s evolving identity threats.”
The report surveyed 2,600 global cybersecurity leaders, including 100 from Hong Kong.
