Nonhuman identity security has generated a wave of recent interest, and enterprises are realizing the importance of addressing this widening attack surface.

Most people associate the term identity with identity and access management for human identities, be it workforce or customer identities. Yet not all identities are human. Recent organizational changes -- such as the proliferation of cloud services, modernized development processes including microservices-based applications that connect to resources and data, and increased DevOps automation -- have driven rapid growth in nonhuman identities (NHIs) and workloads that expand the enterprise attack surface.

Consider these recent incidents, all of which had NHIs at their root: 2023 saw compromises at Okta and Cloudflare, and 2024 saw the Sisense customer data breach, the New York Times source code leak and the Internet Archive breach make news.

NHI is an umbrella term covering service accounts, bots and robotic process automation, OAuth tokens, digital certificates, secrets, workloads and more. NHI is sometimes referred to as machine identity or workload identity.

Informa TechTarget's Enterprise Strategy Group published a study on NHI security and management in December. We surveyed IT, cybersecurity, DevOps, platform and security engineering professionals involved with technologies and processes that secure NHIs. The research examined the volume of NHIs, the products and services deployed to secure and manage the environment, security incidents related to NHIs, the players involved in decisions, and budget intentions.

While the study contained a wealth of information, something that jumped out was how frequently NHI security incidents occur.

In fact, 46% of respondents said they know they have had nonhuman accounts or credentials compromised, and an additional 26% said they might have had an NHI compromise. Note, however, that a compromise does not necessarily lead to a data breach.

When we drilled down into successful cyberattacks resulting from compromised NHIs, 66% of enterprises said they have experienced a successful attack, with 25% responding that they encountered multiple attacks.