India’s enterprises are facing a growing disconnect between the rapid expansion of identity-driven risks and their ability to recover from attacks, according to new research from Rubrik Zero Labs. The study links the rise of AI agents in daily operations to an accelerated growth of non-human identities (NHIs), creating new weak points for attackers and new urgency for defenders.
Ashish Gupta, Managing Director, India & Head of Engineering at Rubrik, said identity systems have become a prime target across Indian enterprises as they juggle hybrid environments built on Active Directory, cloud identity providers, SaaS platforms and fast-proliferating NHIs.
“Attackers are now frequently targeting both human and non-human identities. It’s the fastest route to critical systems and data, fundamentally changing the face of Indian cyber defense,” he said. “For Indian organizations, this complexity creates numerous failure points. Identity systems and data are the two assets attackers most often exploit. Therefore, going beyond prevention, the key to true resilience is ensuring the rapid protection and recovery of both.”
The report, Identity Crisis: Understanding & Building Resilience Against Identity-Driven Threats, notes a decisive shift among CIOs and CISOs toward strengthening identity resilience as AI adoption accelerates. Rubrik found that 86% of respondents have already incorporated AI agents into their identity infrastructure, with another 12% planning to do so. Industry estimates referenced in the study suggest NHIs now outnumber human users by 82 to 1.
Security leaders say this shift has created exposure that traditional controls cannot fully address. Andrew Albrech, Chief Information Security Officer at Domino’s, said even strong technical safeguards can crumble when identity verification fails.
“I could have unlimited amounts of technology in place. But if someone socially engineers our support desk to hand over admin passwords, that’s the end of the game,” he said. “That’s why identity resilience is key.”
Rubrik’s data suggests that organizations expect agentic AI to play a growing role in threat activity. More than half of IT security decision-makers surveyed estimate that 30% or more of the attacks they face next year will be driven by AI agents.
The research also points to declining confidence in recovery capabilities. In India, only 32% of respondents believe they could restore operations within 12 hours of an incident. A third expect recovery from an identity-based attack to take more than two days.
The study found that 79% of Indian organizations suffered a ransomware attack in the past year, and 91% paid a ransom to either recover their data or halt the intrusion.
Global trends reflect similar anxiety. Rubrik reports that 90% of leaders worldwide cite identity attacks as a top concern. Nearly nine in ten organizations plan to hire professionals over the next year to strengthen identity management and infrastructure. And 87% are preparing to switch, or have started switching, their Identity and Access Management (IAM) providers, with security concerns driving 58% of those decisions.
Kavitha Mariappan, Chief Transformation Officer at Rubrik, said the scale of identity-driven threats is reshaping global cyber-defense priorities.
“Managing identities in the era of AI has become a complex endeavor, especially with the labyrinth of NHIs,” she said. “We have an under-the-radar crisis on our hands where a single compromised credential can grant full access to an organization’s most sensitive data. Attackers are no longer breaking in, but logging