Outages Related to Machine Identity on the Rise

Because CIOs often have limited visibility into the number of machine identities on their networks and these critical security assets are not prioritized in IAM and security budgets, CIOs should expect to see a sharp increase in machine identity related outages and security breaches, according to a new study of 1,000 CIOs conducted by Venafi.


Machine identities enable secure connection and authentication for every part of IT infrastructure, from physical, virtual servers and IoT devices to software applications, APIs and containers. Any time two machines need to authenticate each other a machine identity is required.

100% of CIOs say that digital transformation is driving a dramatic increase in the number of machine identities their organizations require. Without an automated machine identity management program, organizations suffer from outages caused by expired machine identities and breaches caused by machine identity misuse or compromise.

According to the study, the average organization used nearly a quarter of a million (250,000) machine identities at the end of 2021. This is a startling number when you consider that organizations initially underestimate machine identity populations by 50% or more because they have extremely limited visibility into the machine identities their organization requires.

At current rates of growth, these same organizations can expect their machine identity inventory to more than double to at least 500,000 by 2024.

Moreover, three-quarters of surveyed CIOs said that they expect digital transformation initiatives to increase the number of machine identities in their organizations by 26% — with more than one-quarter (27%) citing a percentage of higher than 50%.

Key survey findings include:

■ 83% of organizations suffered a machine identity related outage during the last 12 months; over a quarter (26%) say critical systems were impacted.

■ 57% of organizations experienced at least one data breach or security incident related to compromised machine identities (including TLS, SSH keys and code signing keys and certificates) during the same time period.

"The realities of digital transformation mean that every business is now a software company. This means IAM priorities need to shift to protect the machine identities required for digital transformation initiatives because these initiatives are the engines of innovation and growth," said Kevin Bocek, VP of Security Strategy and Threat Intelligence at Venafi. "The unfortunate reality is that most organizations are not prepared to manage all the machines identities they need. This rapidly growing gap has opened a new attack surface – from software build pipelines to Kubernetes clusters – that is very attractive to attackers."

The rise in the number of machines on enterprise networks is exposing outdated machine identity management practices. Nearly two-thirds (64%) of CIOs say that rather than using a comprehensive machine identity management solution, their organizations combine multiple solutions and processes, including point solutions from certificate authorities (CAs) and public cloud providers, homegrown solutions and manual processes. This approach does not provide enterprise-wide view of all machine identities or provide the mechanisms needed to enforce configuration or policy requirements.

"Machine identity management is in the early stages of adoption. It's very similar to what happened with customer and workforce identity a few years ago, but it's orders of magnitude larger in scale and change is happening much faster," Bocek continued. "The challenges connected with human identity management pale in contrast to the challenges of managing machine identities. This research underscores the urgent need for every organization to evaluate their machine identity management program in order to protect their digital transformation initiatives."

Methodology: Conducted by Coleman Parkes Research, Venafi's survey evaluated the opinions of 1000 CIOs across six countries/regions: United States, United Kingdom, France, DACH (Germany, Austria, Switzerland), Benelux (Belgium, Netherlands, Luxembourg) and Australasia (Australia, New Zealand).

Related Links

Hot Topics

The Latest

Payment Outages Threaten $44.4 Billion in US Retail and Hospitality Sales Annually

Payment system failures are putting $44.4 billion in US retail and hospitality sales at risk each year, underscoring how quickly disruption can derail day-to-day trading, according to research conducted by Dynatrace ... The findings show that payment failures are no longer isolated incidents, but part of a recurring operational challenge that disrupts service, damages customer trust, and negatively impacts revenue ...

From Automation to Intelligence: How AI Will Redefine DevOps in 2026

For years, the success of DevOps has been measured by how much manual work teams can automate ... I believe that in 2026, the definition of DevOps success is going to expand significantly. The era of automation is giving way to the era of intelligent delivery, in which AI doesn't just accelerate pipelines, it understands them. With open observability connecting signals end-to-end across those tools, teams can build closed-loop systems that don't just move faster, but learn, adapt, and take action autonomously with confidence ...

AI First? Why CIOs Are Putting the Cart Before the Horse

The conversation around AI in the enterprise has officially shifted from "if" to "how fast." But according to the State of Network Operations 2026 report from Broadcom, most organizations are unknowingly building their AI strategies on sand. The data is clear: CIOs and network teams are putting the cart before the horse. AI cannot improve what the network cannot see, predict issues without historical context, automate processes that aren't standardized, or recommend fixes when the underlying telemetry is incomplete. If AI is the brain, then network observability is the nervous system that makes intelligent action possible ...

Mitigating Complexity for Today's Database Administrator

SolarWinds data shows that one in three DBAs are contemplating leaving their positions — a striking indicator of workforce pressure in this role. This is likely due to the technical and interpersonal frustrations plaguing today's DBAs. Hybrid IT environments provide widespread organizational benefits but also present growing complexity. Simultaneously, AI presents a paradox of benefits and pain points ...

How Enterprises Are Re-Architecting Around AI

Over the last year, we've seen enterprises stop treating AI as “special projects.” It is no longer confined to pilots or side experiments. AI is now embedded in production, shaping decisions, powering new business models, and changing how employees and customers experience work every day. So, the debate of "should we adopt AI" is settled. The real question is how quickly and how deeply it can be applied ...

MEAN TIME TO INSIGHT Podcast - Episode 20: 2026 NetOps Predictions

In MEAN TIME TO INSIGHT Episode 20, Shamus McGillicuddy, VP of Research, Network Infrastructure and Operations, at EMA presents his 2026 NetOps predictions ... 

EMA at 30: The Value of Consistency

Today, technology buyers don't suffer from a lack of information but an abundance of it. They need a trusted partner to help them navigate this information environment ...

Making Sense of Logical Data Management

My latest title for O'Reilly, The Rise of Logical Data Management, was an eye-opener for me. I'd never heard of "logical data management," even though it's been around for several years, but it makes some extraordinary promises, like the ability to manage data without having to first move it into a consolidated repository, which changes everything. Now, with the demands of AI and other modern use cases, logical data management is on the rise, so it's "new" to many. Here, I'd like to introduce you to it and explain how it works ...

2026 Data Center Predictions

APMdigest's Predictions Series continues with 2026 Data Center Predictions — industry experts offer predictions on how data centers will evolve and impact business in 2026 ...

2026 DataOps Predictions - Part 2

APMdigest's Predictions Series continues with 2026 DataOps Predictions — industry experts offer predictions on how DataOps and related technologies will evolve and impact business in 2026. Part 2 covers data and data platforms ...

Outages Related to Machine Identity on the Rise

Because CIOs often have limited visibility into the number of machine identities on their networks and these critical security assets are not prioritized in IAM and security budgets, CIOs should expect to see a sharp increase in machine identity related outages and security breaches, according to a new study of 1,000 CIOs conducted by Venafi.


Machine identities enable secure connection and authentication for every part of IT infrastructure, from physical, virtual servers and IoT devices to software applications, APIs and containers. Any time two machines need to authenticate each other a machine identity is required.

100% of CIOs say that digital transformation is driving a dramatic increase in the number of machine identities their organizations require. Without an automated machine identity management program, organizations suffer from outages caused by expired machine identities and breaches caused by machine identity misuse or compromise.

According to the study, the average organization used nearly a quarter of a million (250,000) machine identities at the end of 2021. This is a startling number when you consider that organizations initially underestimate machine identity populations by 50% or more because they have extremely limited visibility into the machine identities their organization requires.

At current rates of growth, these same organizations can expect their machine identity inventory to more than double to at least 500,000 by 2024.

Moreover, three-quarters of surveyed CIOs said that they expect digital transformation initiatives to increase the number of machine identities in their organizations by 26% — with more than one-quarter (27%) citing a percentage of higher than 50%.

Key survey findings include:

■ 83% of organizations suffered a machine identity related outage during the last 12 months; over a quarter (26%) say critical systems were impacted.

■ 57% of organizations experienced at least one data breach or security incident related to compromised machine identities (including TLS, SSH keys and code signing keys and certificates) during the same time period.

"The realities of digital transformation mean that every business is now a software company. This means IAM priorities need to shift to protect the machine identities required for digital transformation initiatives because these initiatives are the engines of innovation and growth," said Kevin Bocek, VP of Security Strategy and Threat Intelligence at Venafi. "The unfortunate reality is that most organizations are not prepared to manage all the machines identities they need. This rapidly growing gap has opened a new attack surface – from software build pipelines to Kubernetes clusters – that is very attractive to attackers."

The rise in the number of machines on enterprise networks is exposing outdated machine identity management practices. Nearly two-thirds (64%) of CIOs say that rather than using a comprehensive machine identity management solution, their organizations combine multiple solutions and processes, including point solutions from certificate authorities (CAs) and public cloud providers, homegrown solutions and manual processes. This approach does not provide enterprise-wide view of all machine identities or provide the mechanisms needed to enforce configuration or policy requirements.

"Machine identity management is in the early stages of adoption. It's very similar to what happened with customer and workforce identity a few years ago, but it's orders of magnitude larger in scale and change is happening much faster," Bocek continued. "The challenges connected with human identity management pale in contrast to the challenges of managing machine identities. This research underscores the urgent need for every organization to evaluate their machine identity management program in order to protect their digital transformation initiatives."

Methodology: Conducted by Coleman Parkes Research, Venafi's survey evaluated the opinions of 1000 CIOs across six countries/regions: United States, United Kingdom, France, DACH (Germany, Austria, Switzerland), Benelux (Belgium, Netherlands, Luxembourg) and Australasia (Australia, New Zealand).

Related Links

Hot Topics

The Latest

Payment Outages Threaten $44.4 Billion in US Retail and Hospitality Sales Annually

Payment system failures are putting $44.4 billion in US retail and hospitality sales at risk each year, underscoring how quickly disruption can derail day-to-day trading, according to research conducted by Dynatrace ... The findings show that payment failures are no longer isolated incidents, but part of a recurring operational challenge that disrupts service, damages customer trust, and negatively impacts revenue ...

From Automation to Intelligence: How AI Will Redefine DevOps in 2026

For years, the success of DevOps has been measured by how much manual work teams can automate ... I believe that in 2026, the definition of DevOps success is going to expand significantly. The era of automation is giving way to the era of intelligent delivery, in which AI doesn't just accelerate pipelines, it understands them. With open observability connecting signals end-to-end across those tools, teams can build closed-loop systems that don't just move faster, but learn, adapt, and take action autonomously with confidence ...

AI First? Why CIOs Are Putting the Cart Before the Horse

The conversation around AI in the enterprise has officially shifted from "if" to "how fast." But according to the State of Network Operations 2026 report from Broadcom, most organizations are unknowingly building their AI strategies on sand. The data is clear: CIOs and network teams are putting the cart before the horse. AI cannot improve what the network cannot see, predict issues without historical context, automate processes that aren't standardized, or recommend fixes when the underlying telemetry is incomplete. If AI is the brain, then network observability is the nervous system that makes intelligent action possible ...

Mitigating Complexity for Today's Database Administrator

SolarWinds data shows that one in three DBAs are contemplating leaving their positions — a striking indicator of workforce pressure in this role. This is likely due to the technical and interpersonal frustrations plaguing today's DBAs. Hybrid IT environments provide widespread organizational benefits but also present growing complexity. Simultaneously, AI presents a paradox of benefits and pain points ...

How Enterprises Are Re-Architecting Around AI

Over the last year, we've seen enterprises stop treating AI as “special projects.” It is no longer confined to pilots or side experiments. AI is now embedded in production, shaping decisions, powering new business models, and changing how employees and customers experience work every day. So, the debate of "should we adopt AI" is settled. The real question is how quickly and how deeply it can be applied ...

MEAN TIME TO INSIGHT Podcast - Episode 20: 2026 NetOps Predictions

In MEAN TIME TO INSIGHT Episode 20, Shamus McGillicuddy, VP of Research, Network Infrastructure and Operations, at EMA presents his 2026 NetOps predictions ... 

EMA at 30: The Value of Consistency

Today, technology buyers don't suffer from a lack of information but an abundance of it. They need a trusted partner to help them navigate this information environment ...

Making Sense of Logical Data Management

My latest title for O'Reilly, The Rise of Logical Data Management, was an eye-opener for me. I'd never heard of "logical data management," even though it's been around for several years, but it makes some extraordinary promises, like the ability to manage data without having to first move it into a consolidated repository, which changes everything. Now, with the demands of AI and other modern use cases, logical data management is on the rise, so it's "new" to many. Here, I'd like to introduce you to it and explain how it works ...

2026 Data Center Predictions

APMdigest's Predictions Series continues with 2026 Data Center Predictions — industry experts offer predictions on how data centers will evolve and impact business in 2026 ...

2026 DataOps Predictions - Part 2

APMdigest's Predictions Series continues with 2026 DataOps Predictions — industry experts offer predictions on how DataOps and related technologies will evolve and impact business in 2026. Part 2 covers data and data platforms ...