2025 RSA ID IQ Report Finds Identity Breaches Cost More Than Typical Incidents, Organizations Are Betting Big on AI’s Cybersecurity Potential
2025 RSA ID IQ Report Finds Identity Breaches Cost More Than Typical Incidents, Organizations Are Betting Big on AI’s Cybersecurity Potential
BURLINGTON, Mass.--(BUSINESS WIRE)--A new report from RSA, the security-first identity leader, reveals significant challenges and changing attitudes in cybersecurity, AI, data breaches, and other trends transforming identity. The only identity-specific survey in the industry, the 2025 RSA ID IQ Report analyzes responses from more than 2,000 cybersecurity, identity and access management (IAM), and tech professionals from 62 countries, highlights key insights into the evolving identity and security landscape.
Key findings:
- When organizations suffer identity-related data breaches, it costs them—significantly: Identity-related data breaches are more severe and costly than run-of-the-mill incidents: More than 40% of respondents reported an identity-related security breach. Of those, 66% reported it as a severe event that affected their organization. 44% of respondents estimated that the total costs of identity-related data breaches exceeded the cost of a typical data breach. These findings underscore why organizations should prioritize investing in security capabilities that can mitigate the high costs of identity-related breaches.
- Cybersecurity is no longer on the fence about AI: 80% of respondents felt that AI will do more to empower cybersecurity than abet cybercriminals over the next five years, with nearly as many organizations (79%) planning to implement some AI in their cybersecurity stack within the next year. Entertainment, finance, and retail were the likeliest sectors to implement some form of AI in the next year. Highly regulated industries are among the most likely to have plans to implement AI in their cybersecurity stacks.
- Organizations are leaving toxic relationships with passwords: More than half (51%) of respondents reported needing to input their passwords six times or more for work every day. That friction and the cost of identity data breaches may be motivating organizations to change their authentication strategies: 61% of respondents expressed that their organization had plans to implement passwordless capabilities in the next year, rather than wait for phishing or other attacks to breach their defenses.
- Security software on personal devices divides organizations: Willingness to install security monitoring software on personal devices varied widely among respondents. 73% of IAM experts and 60% of cybersecurity specialists expressed willingness to have corporate security software on their personal devices, as opposed to only 39% of generalists.
- Hybrid environments dominate: 70% of organizations operate in hybrid environments, reflecting the increasingly complex landscape of application and security deployments, and organizations’ need for solutions that span environments.
“If I take anything from the 2025 RSA ID IQ Report, it’s that cybersecurity and IAM experts are acting on identity security right now, making investments in AI and secure passwordless authentication both because the technology is ready and because the costs of waiting for an identity-related data breach to strike are too high to ignore,” said RSA CEO Rohit Ghai.
“The 2025 RSA ID IQ Report is a temperature check of what our customers—the world’s most secure organizations—care about. It reveals what new cybersecurity frameworks, threats, and technologies really mean to security-first leaders in government, finance, healthcare, and energy, and helps RSA continue to prioritize the innovations they need,” said RSA CMO Laura Marx.
Rohit Ghai will join eWeek Senior Editor James Maguire to share more results and analysis from the 2025 RSA ID IQ Report in a live webinar on November 18 at 12 PM ET.
Resources
Download the 2025 RSA ID IQ Report
Download the 2025 RSA ID IQ infographic
Register for the ID IQ Report webinar now
Read Rohit Ghai’s 2025 RSA ID IQ Report Executive Summary
About RSA
The AI-powered RSA Unified Identity Platform protects the world’s most secure organizations from today’s and tomorrow’s highest-risk cyberattacks. RSA provides the identity intelligence, authentication, access, governance, and lifecycle capabilities needed to prevent threats, secure access, and enable compliance. More than 9,000 security-first organizations trust RSA to manage more than 60 million identities across on-premises, hybrid, and multi-cloud environments. For additional information, visit our website to contact sales, find a partner, or learn more about RSA.
