Enterprise Identity Security: How AI Made Your Login the #1 Attack Surface
- Z. Maseko
- Mar 4
Updated: Mar 14

The Perimeter Has Moved
The network perimeter that most security teams spent the 2010s defending stopped being the primary defensive line somewhere around 2020. Firewalls and VPNs didn't disappear; they just got demoted. What rose to replace them? Identity.
The Verizon Data Breach Investigations Report 2024 put stolen or compromised credentials at the top of the confirmed breach vector rankings. The Microsoft Digital Defense Report 2024 sharpened that picture: identity-based attacks now account for the majority of successful intrusions into enterprise environments.
This shift has a name: the identity attack surface. And for most enterprises, it is considerably larger than anyone in the C-suite has mapped.
Three Threats Most Teams Underestimate
Identity security failures don't resemble the hacking scenes in films. There is rarely a dramatic breach moment. More often, access is simply borrowed: a forgotten API key left active for 18 months, a push notification accepted at 11 pm by a tired employee, or an account that should have been deactivated when someone left the company nine months ago.
The CrowdStrike 2024 Global Threat Report identified identity-based intrusions as the fastest-growing attack category, up 60% year-over-year. The machinery behind most of these attacks is structural rather than spectacular. Governance gaps. Access that outlived the reason it was provisioned. And, as we covered in our piece on how AI is reshaping the cyber defense calculus, the tooling available to attackers has evolved considerably faster than most enterprise defenses.
How Prepared Is Your Organisation?
Before getting into the response framework, take a moment with the scorecard below. The eight statements map directly to the four-layer model we use later. If you can check all eight, your identity security posture is genuinely strong. Most teams discover gaps they were not fully aware of.
The $25 Million Zoom Call That Wasn't
In early 2024, a finance employee at a multinational firm in Hong Kong transferred approximately $25 million after a video call with what appeared to be the company's CFO and several colleagues. Every person on that call was a deepfake. The entire meeting was fabricated using publicly available footage of the executives themselves. No malware was installed, and no system was breached. The attack vector was identity. Specifically, the assumption that seeing and hearing someone on a video call confirms you are speaking with them.
As we explored in Why Your Remote Work Stack Is the Vulnerability, the tools enabling this kind of attack have become increasingly accessible. What was once the domain of state-sponsored actors now sits behind a subscription paywall on the open internet.
This incident points to something most enterprise security frameworks haven't fully accounted for. When human trust is the easier entry point, that's where the attack goes. The system was never the target. The employee's certainty about who they were talking to was.
Three AI-Enhanced Attack Patterns
Three patterns have most clearly emerged from 2024 incident data.
The first is deepfake social engineering. Attackers use AI-generated audio and video to impersonate executives, IT support staff, or trusted colleagues. The goal is typically to authorise a transaction, share credentials, or grant system access. The IBM Cost of a Data Breach 2024 report found that social engineering attacks now carry some of the highest per-incident costs, averaging over $4.6 million.
The second is AI-powered credential stuffing. Traditional credential stuffing has been significantly upgraded. As we detailed in our analysis of dark web AI tools, including WormGPT and FraudGPT, AI-powered variants now generate contextually convincing phishing lures, rotate attack patterns to avoid detection, and operate at a scale that overwhelms conventional rate-limiting controls.
The third is agentic AI help desk attacks. This is the newest and most underappreciated vector. Attackers use conversational AI to impersonate employees at IT help desks, generating plausible, emotionally coherent requests for password resets or account access changes. The SaaSification of the cybercrime supply chain means these tools are now packaged, priced, and distributed like commercial software products, complete with customer support.
Countering all three requires the same underlying capability: continuous identity verification throughout a session, not just at the point of login.
Layer 1: Continuous Behavioural Authentication
Static authentication, a single password check at login, is insufficient against attackers who steal session tokens after the checkpoint. Continuous behavioral authentication monitors interaction patterns throughout a session: typing cadence, navigation patterns, time-of-day access, and data movement. Any deviation from baseline triggers stepped-up verification. This approach is already operational at scale in financial services, where NIST's Zero Trust Architecture framework SP 800-207 provides the architectural blueprint for implementation.
Layer 2: Context-Aware Access Controls
Context-aware controls evaluate who is asking for access, where they are, what device they are using, and whether the request pattern is consistent with their role and history. A finance director requesting wire transfer approval from a hotel lobby in a country they have never visited before warrants a different response than the same request made from their usual office location during business hours. The system's job is to surface that anomaly for human review before any money moves, which is a meaningfully different posture than simply blocking access outright.
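The finance-director scenario above can be written as a small policy function. This is an added example, not code from the article or from any product; the role name, action names, device ID, country codes and baseline values are all constructed assumptions.

```python
from dataclasses import dataclass

# Constructed baseline for one user; a real system would derive it from sign-in history.
@dataclass(frozen=True)
class Baseline:
    role: str
    countries_seen: frozenset
    managed_devices: frozenset
    usual_hours: range          # local hours of normal activity

@dataclass(frozen=True)
class Request:
    action: str
    country: str
    device_id: str
    local_hour: int

# Hypothetical mapping of roles to the actions they may perform.
ROLE_ACTIONS = {"finance_director": {"approve_wire", "view_ledger"}}
HIGH_RISK_ACTIONS = {"approve_wire"}

def anomalies(req, base):
    """Return the context signals that deviate from the user's baseline."""
    found = []
    if req.country not in base.countries_seen:
        found.append("new_country")
    if req.device_id not in base.managed_devices:
        found.append("unmanaged_device")
    if req.local_hour not in base.usual_hours:
        found.append("outside_usual_hours")
    return found

def decide(req, base):
    """Return (decision, reasons): allow, step_up, hold_for_review or deny."""
    if req.action not in ROLE_ACTIONS.get(base.role, set()):
        return "deny", ["action_not_in_role"]
    reasons = anomalies(req, base)
    if not reasons:
        return "allow", reasons
    # Anomalous high-risk actions go to a person for review instead of a silent block.
    if req.action in HIGH_RISK_ACTIONS:
        return "hold_for_review", reasons
    return "step_up", reasons

BASE = Baseline("finance_director", frozenset({"GB", "DE"}),
                frozenset({"laptop-0042"}), range(8, 19))
OFFICE = Request("approve_wire", "GB", "laptop-0042", 10)   # usual office, business hours
HOTEL = Request("approve_wire", "BR", "laptop-0042", 23)    # never-visited country, late night
```

The reasons list is what the human reviewer sees, so the decision is explainable rather than a bare score.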
Layer 3: Phishing-Resistant MFA
Standard push-based MFA has a well-documented weakness: push bombing. Attackers flood a target's phone with approval requests until the user accepts one out of frustration or confusion. FIDO2 security keys and passkeys with number matching close this gap because they require physical interaction that cannot be replicated remotely. The architecture is what matters here, and CISA's guidance on phishing-resistant MFA is the operational starting point for any organisation still running push-only implementations. The MGM Resorts breach and the Uber breach both exploited weak MFA setups. MFA as a concept held. The implementation is where MGM and Uber found the gap.
Layer 4: Help Desk Verification Protocols
The help desk is currently the weakest link in most enterprise identity programs. When an attacker calls posing as an employee needing an urgent password reset, most help desk agents have no reliable way to verify identity beyond asking security questions that are often guessable from LinkedIn. The fix is a standardised out-of-band verification process: a separate confirmation channel, a manager callback protocol, or a hardware token challenge before any credential change is actioned. This is procedural discipline, and it costs almost nothing to implement.
A Framework That Holds Together
The four-layer model organises the work by maturity rather than by vendor or tool category. You can enter at any layer based on your current posture. Most organisations find, on honest reflection, that they need to start at Layer 1 even if they have been running an IAM program for years. The GitGuardian State of Secrets Sprawl report found over 12 million secrets exposed in public repositories in 2023 alone. Most were associated with service accounts and API keys sitting entirely outside formal governance. You cannot harden what you have not catalogued.
KPIs: What Good Looks Like for Enterprise Identity Security
Most identity security programmes measure the wrong things. Tracking the number of MFA rollouts is an activity metric. Tracking the percentage of identities under active governance is a posture metric. That distinction matters enormously when reporting to a board that wants to understand risk exposure rather than implementation milestones.
Four indicators provide the clearest signal of identity security posture over time.
Mean Time to Detect (MTTD) for identity compromise should sit below 24 hours. The CyberArk 2024 Identity Threat Landscape Report found the average MTTD for identity-specific incidents currently sits at 6.7 days across enterprise environments. That gap is the attack window.
Percentage of identities under governance should approach 100%, including non-human identities. Service accounts and API keys sitting outside your governance process are blind spots that attackers find before you do.
Stale account ratio, accounts inactive for 90 or more days as a share of total identities, should trend toward zero. This is the simplest metric to track and often the most revealing. As we noted in our explainer on zero-day vulnerabilities as product categories, attackers increasingly favour low-effort, high-persistence access over flashy exploits. A stale account with standing admin privileges is exactly that.
Behavioral detection coverage across inbound communication channels should exceed 90%. Below that threshold, too many entry points operate on signature-based detection alone, which catches known patterns and misses novel ones.
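Three of these indicators (MTTD, governance coverage and stale account ratio) can be computed directly from an identity inventory and an incident log. The sketch below is an added example, not part of the original article; the inventory records, incident timestamps, field names and the "as of" date are constructed, and it assumes a non-empty inventory and at least one incident.

```python
from datetime import datetime, timedelta

NOW = datetime(2025, 3, 1)            # constructed "as of" date
STALE_AFTER = timedelta(days=90)      # inactivity threshold from the text
MTTD_TARGET = timedelta(hours=24)     # target from the text

# Constructed inventory: human and non-human identities alike.
INVENTORY = [
    {"id": "alice", "kind": "human", "last_used": datetime(2025, 2, 27), "governed": True, "admin": False},
    {"id": "bob", "kind": "human", "last_used": datetime(2024, 6, 2), "governed": True, "admin": True},
    {"id": "svc-build", "kind": "service", "last_used": datetime(2025, 2, 28), "governed": False, "admin": True},
    {"id": "key-legacy", "kind": "api_key", "last_used": None, "governed": False, "admin": False},
]
# Constructed incidents: (time of compromise, time of detection).
INCIDENTS = [
    (datetime(2025, 1, 3, 9), datetime(2025, 1, 3, 21)),
    (datetime(2025, 2, 10, 8), datetime(2025, 2, 13, 8)),
]

def is_stale(identity, now=NOW):
    """Never-used identities count as stale: no activity justifies keeping them."""
    last = identity["last_used"]
    return last is None or now - last >= STALE_AFTER

def posture(inventory, incidents, now=NOW):
    """Compute posture metrics plus the identities that drive them."""
    total = len(inventory)
    stale = [i for i in inventory if is_stale(i, now)]
    delays = [detected - compromised for compromised, detected in incidents]
    mttd = sum(delays, timedelta()) / len(delays)
    return {
        "stale_ratio": len(stale) / total,
        "governed_pct": 100 * sum(i["governed"] for i in inventory) / total,
        # Non-human identities outside governance are the blind spots named above.
        "ungoverned_non_human": [i["id"] for i in inventory
                                 if i["kind"] != "human" and not i["governed"]],
        # Stale accounts that still hold admin rights deserve review first.
        "stale_admins": [i["id"] for i in stale if i["admin"]],
        "mttd_hours": mttd.total_seconds() / 3600,
        "mttd_within_target": mttd <= MTTD_TARGET,
    }
```

Returning the offending identity names alongside the ratios turns the report into a work queue, not just a number for the board.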
The 90-day plan below sequences the work to move all four metrics within a single quarter.
Where to Start This Week
The most common mistake in identity security programmes is trying to do everything simultaneously. The organisation that attempts to roll out FIDO2 MFA, implement zero standing privilege, and deploy behavioral anomaly detection all at once will stall within the first 30 days. The organisation that starts with a complete identity inventory and builds from there will have a defensible posture within a quarter.
One action before anything else: run a discovery scan. Every cloud environment, every SaaS integration, every CI/CD pipeline credential, every service account provisioned for a project that ended two years ago. The result of that exercise will tell you more about your attack surface than any penetration test.
The Okta breach of 2023 began with a compromised service account credential in a third-party support system. The account had access it shouldn't have had, and nobody had recently reviewed it. That pattern exists in most enterprise environments today. It's an administrative vulnerability, quiet rather than dramatic.
Start the inventory. Everything else follows.



