Keeper Security has released a new insights report, "Identity, AI and Zero Trust," compiling anonymous, in-person feedback from over 370 cybersecurity practitioners at major industry conferences. The study provides a candid, frontline perspective on how security teams are adapting to a complex threat landscape, highlighting a significant gap between strategic awareness of threats and the practical implementation of defenses, particularly concerning AI and identity-based attacks.
Quick Intel
A new Keeper Security report gathers frontline insights from Infosecurity Europe, Black Hat USA, and it-sa.
Only 12% of UK and 16% of US organizations feel fully prepared for AI-enhanced attacks.
Phishing and deepfakes are cited as the top identity-based threats across all regions.
Zero-trust implementation is inconsistent, with only 18% of UK respondents fully deployed.
43% of UK organizations do not consistently enforce MFA for privileged accounts.
The report identifies a major gap between cybersecurity awareness and actionable defense.
The Dual-Edged Sword of AI and the Zero-Trust Gap
The report underscores that AI is simultaneously a powerful tool and a significant threat. Despite widespread recognition of its impact, preparedness is low, with only a small minority of organizations in the UK (12%) and US (16%) feeling fully ready for AI-powered attacks. Similarly, while zero-trust is acknowledged as critical to a modern defense, its implementation lags, with only 18% of UK respondents reporting a fully implemented framework. This disparity between intent and action leaves organizations vulnerable. "Identity has become the control point of cybersecurity," said Darren Guccione, CEO and Co-founder of Keeper Security. "Our data demonstrates that the disparity between cybersecurity awareness and action is wide, but positive, proactive defence can close this gap."
Identity-Based Attacks and Inconsistent Access Controls
The data reinforces that identity is the primary attack vector, with phishing and deepfakes being the top concerns globally. In the UK, 85% of businesses reported phishing as a method used in attacks, mirroring the report's finding that 50% of UK practitioners see it as the top threat. A critical vulnerability exposed by the report is the inconsistent enforcement of privileged access controls. In the UK, 43% of respondents admitted that Multi-Factor Authentication (MFA) is not consistently enforced for privileged accounts, a foundational security practice.
The Keeper Security report paints a clear picture of a global cybersecurity community aligned on strategy but struggling with execution. The escalating threat environment, fueled by AI and targeted identity attacks, demands a shift from awareness to disciplined action. Building true resilience now depends on closing the implementation gap for zero-trust frameworks and privileged access management to secure every access point.
Keeper Security is one of the fastest-growing cybersecurity software companies that protects thousands of organisations and millions of people in over 150 countries. Keeper is a pioneer of zero-knowledge and zero-trust security built for any IT environment. Its core offering, KeeperPAM®, is an AI-enabled, cloud-native platform that protects all users, devices and infrastructure from cyber attacks. Recognised for its innovation in the Gartner Magic Quadrant for Privileged Access Management (PAM), Keeper secures passwords and passkeys, infrastructure secrets, remote connections and endpoints with role-based enforcement policies, least privilege and just-in-time access. Learn why Keeper is trusted by leading organisations to defend against modern adversaries.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.