Terry KS Keeper Security’s latest report, “Identity, AI and Zero Trust,” reveals that while cybersecurity leaders worldwide recognize the importance of zero trust and AI-driven defenses, most organizations remain unprepared for AI-enhanced attacks and identity-based threats. The findings highlight urgent needs for consistent privileged access controls and greater investment in zero-trust frameworks.
SINGAPORE, 31 OCTOBER 2025 – Keeper Security, a global leader in zero-trust and zero-knowledge Privileged Access Management (PAM), has released a new insights report titled “Identity, AI and Zero Trust: Cybersecurity Perspectives from Infosecurity Europe, Black Hat USA and it-sa.” The study captures perspectives from over 370 cybersecurity professionals across three major global conferences, offering a rare practitioner’s view into how organizations are adapting to today’s rapidly evolving threat landscape.
The report, though centered on the United States, United Kingdom and Germany, underscores universal challenges shared by enterprises worldwide—including those in Asia-Pacific—as they balance digital transformation with cyber resilience.
AI and Zero Trust: Awareness High, Execution Lagging
Respondents across all regions agreed that Artificial Intelligence (AI) is reshaping both attack and defense strategies. However, only 12% of UK and 16% of US organizations said they were fully prepared for AI-enhanced attacks. German respondents showed slightly higher readiness at 28%, though most acknowledged that true preparedness remains elusive.
Zero trust continues to be viewed as essential to modern cybersecurity, yet implementation is inconsistent. Only 18% of respondents at Infosecurity Europe reported fully implemented zero-trust frameworks, compared to 27% at Black Hat USA and 44% at Germany’s it-sa conference—highlighting steady but uneven global adoption.
Identity Threats Remain the Top Concern
The report found that identity-based attacks are the dominant threat vector worldwide. In the UK, 50% of respondents cited phishing as the primary risk, while 42% flagged deepfakes. In the US, 45% identified phishing and 41% deepfakes as their biggest concerns. In Germany, deepfake threats topped the list for 61% of respondents—reflecting growing anxiety over synthetic identity manipulation.
Privileged access management also showed critical gaps. In the UK, 43% said Multi-Factor Authentication (MFA) is not consistently enforced for privileged accounts, while 40% in the US and 50% in Germany admitted to lacking a dedicated PAM solution entirely.
Bridging the Gap Between Awareness and Action
Keeper Security’s CEO and Co-founder, Darren Guccione, emphasized the need to translate awareness into tangible action. “Identity has become the control point of cybersecurity. Our data demonstrates that the disparity between cybersecurity awareness and action is wide, but positive, proactive defense can close this gap,” he said.
Takanori Nishiyama, Senior Vice President of APAC Sales and Japan Country Manager at Keeper Security, added that the findings are especially relevant to Asia-Pacific: “Enterprises across the region are moving decisively to secure identities and privileged access as they scale digital transformation and build resilience against AI-enhanced attacks.”
The report concludes that real cyber resilience now depends on disciplined execution, measurable progress and responsible AI use to detect anomalies and manage risk across all access points.