A new forecast from Netwrix Security Research Lab argues that the next wave of cybersecurity disruption will not come from new exploits, but rather from scaled attacks.
“Soon, cybersecurity will stop being a people-scaling problem and become an intelligence-scaling problem,” commented Ram Varadarajan, Chief Executive Officer at Acalvio. “AI-driven attacks force AI-driven defense. Teams stay lean, budgets get smarter, and machines take on the work humans were never meant to do at machine speed. Most CISOs won’t significantly grow their teams this year, not because risk is shrinking, but because headcount no longer scales against the threat.”
This scaled attack trend emerges as enterprises automate identity workflows and deploy agentic AI systems that act autonomously. This collapses two distinct security domains—identity and data security—into a single, inseparable control plane. When enterprises combine systems governing who can access data with systems protecting what data is accessed, they create a single point of failure. A breach in one area compromises the other.
Attacks Will Bypass Traditional Defenses
The Netwrix report also predicts that between now and 2029, adversaries will increasingly bypass traditional defenses—targeting identity orchestration, federation trust, and automation logic. Attackers will take this approach, knowing that gaining control over identity gives them control over data.
“Hackers today don’t need to break your system to find their way in,” noted Mark McClain, Chief Executive Officer at SailPoint. “They can merely walk through the front door with legitimate credentials. Today's reality demands a new approach to security where access can be granted, monitored, and managed dynamically based on policy and context.”
At the same time, cyber insurers will tighten requirements. They will shift towards conducting continuous validation of how identities access sensitive data in real time.
The result is a new security reality. Organizations must demonstrate tight alignment between identity governance and data protection or face more risks, higher costs, and faster failures.
Identity Automation Multiplies Data Risk
For years, identity security focused on protecting individual credentials. Today, that model no longer fits the reality.
Modern enterprises rely on automated identity workflows—provisioning, token validation, privilege escalation—that continuously determine data access. When these systems fail, data exposure is no longer a downstream risk; it is the immediate outcome.
By the end of this year, most enterprises will embed identity automation deeply across their compute environments. However, this efficiency comes with a tradeoff: misconfigured workflows, broken trust relationships, and excessive privileges can expose entire data stores instantly.
As a result, attackers will adapt. They will shift away from brute-force credential theft toward exploiting identity orchestration.
Agentic AI Changes the Threat Model
“According to the State of AI in SOC Report, security leaders anticipate AI will handle approximately 60% of SOC workloads within the next three years,” pointed out Kamal Shah, Chief Executive Officer at Prophet Security. “AI enables them to move faster through noise, automate repetitive and tedious work, and spend more time on the parts that require human judgment.”
Why does agentic AI up the ante for security teams? These autonomous systems go beyond generating content to also plan, reason, and execute multiple tasks to achieve specific goals, with minimal human intervention. Agentic AI doesn’t just analyze data—it also accesses, moves, and acts on the data.
Every one of these actions depends on an identity. And when AI agents operate continuously at machine speed, weak identity governance can amplify data exposure far faster than human-driven misuse ever could.
That means gaining visibility into which identities AI agents use—and what authority they inherit—becomes foundational security hygiene.
Cyber Insurance Forces the Issue
Siloed identity tools and data security platforms leave blind spots that attackers can pounce on. The Netwriz report underscores the need for unified visibility that connects identities, permissions, and sensitive data access paths in real time. This enables faster detection and response when automation goes wrong.
Lurking in the background of this issue are the cyber insurers. They won’t be satisfied any longer with annual questionnaires and static attestations. As AI-driven access expands risk, insurers will move toward continuous telemetry to validate whether identity and data controls function as intended.
Organizations that can demonstrate alignment may gain better coverage terms. Those that don’t may face rising premiums—or outright denial.
The Emerging Security Mandate
“Cybersecurity has always been a forward-looking discipline,” said Morey J. Haber, Chief Security Advisor at BeyondTrust. “By anticipating where technology, threat actors, and regulation are heading, we can better protect our customers and help the industry prepare for what’s next.”
Added Randolph Barr, Chief Information Security Officer at Cequence Security: “As organizations rapidly adopt agentic AI, the Model Context Protocol (MCP), and autonomous browsing capabilities, we’re seeing a pattern develop: AI-native browsers are introducing system-level behaviors that traditional browsers have intentionally restricted for decades. That shift breaks long-standing assumptions about how secure a browser environment is supposed to be.”
The key takeaway from this development and these expert insights is stark: identity security and data security can no longer be treated as separate disciplines. In an AI-driven enterprise, identity is the data perimeter. Defending one without the other is an illusion.
