AI-driven threats and identity controls: what changes for security teams?

TL;DR: 37% of organisations changed their security approach after AI-driven attacks, according to Netwrix’s 2025 Cybersecurity Trends Report, while 29% now say auditors require proof of data security and privacy in AI-based systems. The pressure point is no longer whether AI matters, but whether identity and data governance can keep pace with AI-amplified attack speed.

NHIMG editorial — based on content published by Netwrix: Netwrix Research on AI-Driven Threats and Security Strategy Changes

By the numbers:

• 37% said AI-driven attacks forced them to adjust their security approach over the past year.
• 29% report auditors now require proof of data security and privacy in AI-based systems.
• AI-based tools as a top-five IT priority has surged 189% in two years, from 9% in 2023 to 26% in 2025.

Questions worth separating out

Q: How should security teams govern AI systems that use identity credentials?

A: They should treat AI-connected credentials as governed identities, not as implementation details.

Q: Why do AI-driven attacks increase risk for identity and access management programmes?

A: They increase risk because they compress the time between exposure and impact.

Q: What do organisations get wrong when they separate AI risk from identity risk?

A: They assume AI is only an application layer issue, when it often depends on the same credentials and permissions that govern other non-human identities.

Practitioner guidance

• Inventory AI-connected identities Map every AI workload, service account, API key, token, and orchestration account that can access sensitive data or security tooling.
• Bring AI systems into access review Add AI-related credentials and permissions to the same entitlement review and recertification process used for other non-human identities.
• Reduce identity blast radius Split high-risk AI functions from broader operational permissions, remove standing privilege where possible, and require narrower task-scoped access for any workflow that can reach sensitive systems.

What's in the full report

Netwrix's full research covers the survey detail this post intentionally leaves for the source:

• Regional and industry breakdowns of how AI-driven threats are changing security strategy.
• Survey methodology from 2,150 IT and security professionals across 121 countries.
• Additional findings on how AI tools are improving detection and reducing manual effort.
• The full set of priority actions respondents ranked for strengthening cybersecurity.

👉 Read Netwrix's research on how AI-driven threats are changing security strategy →

AI-driven threats and identity controls: what changes for security teams?

Explore further

View Full Forum →  |  NHI Foundation Course →