As organizations navigate an increasingly complex digital landscape, identity security is emerging as a critical focus area for IT and security leaders. According to a recent report from Delinea, “Why CISOs Must Prioritize a Strong Identity Security Strategy – and Where to Start,” 78% of organizations plan to increase their identity and access management (IAM) spending in 2025.
Based on a survey of 300 technology and security leaders, the report highlights how identity-related threats—such as credential theft and ransomware—are driving the need for a more comprehensive and intelligent approach to IAM. The report also reveals that one in four organizations already allocate more than 30% of their IT budgets to identity security, underscoring its strategic importance.
“Strong identity management has become foundational to an organization’s overall security posture,” said Art Gilliland, CEO of Delinea. “As businesses adapt to an increasingly complex digital landscape driven by cloud technologies, hybrid work models, and sophisticated cyber threats, legacy solutions will be exposed. Those who fail to evolve and implement modern identity security strategies risk falling victim to the next wave of cyberattacks, which are more frequently targeting vulnerable credentials.”
Explore related questions
Shifting Toward a Modern IAM Framework
Modern identity security now extends far beyond basic authentication. Organizations are increasingly adopting intelligent authorization, cloud infrastructure entitlements management (CIEM), identity governance and administration (IGA), and privileged access management (PAM) to safeguard both human and non-human identities across hybrid environments.
Delinea’s findings point to five top IAM priorities that are shaping enterprise investment strategies for the coming year:
- Detecting and responding to identity threats
- Securing credentials, secrets, and privileged accounts
- Managing identities and entitlements in the cloud
- Gaining visibility into all identities and levels of access
- Securing remote work and third-party risk
These priorities reflect the growing complexity of identity ecosystems, which now include everything from employees and contractors to applications, bots, and AI systems. A third of organizations surveyed cited complexity in existing infrastructure as the biggest challenge to effective identity management. Resistance from users, siloed tools, and legacy technologies were also frequently noted as key barriers.
AI’s Growing Role in Identity Security
Artificial intelligence is quickly becoming central to future-ready IAM strategies. According to the report, 94% of respondents are planning to adopt AI-driven identity technologies, with more than half already in the process. AI is expected to improve identity governance automation, enhance real-time threat detection, and help manage the expanding universe of non-human identities, which 28% of respondents cited as a top priority for 2025.
As enterprises continue to embrace cloud-first models and distributed workforces, identity security will be a linchpin of organizational resilience. For CISOs, investing in modern IAM tools and consolidating fragmented systems may be the most effective way to strengthen defenses and ensure long-term security.
What this means for ERP insiders
Identity security investment is accelerating. A significant majority—78% of organizations—plan to increase their identity security spending in 2025, reflecting a strategic shift in how enterprises are addressing rising threats like ransomware and credential-based attacks. One in four organizations already devote more than 30% of their IT budgets to IAM, signaling a growing recognition of identity security as foundational to enterprise resilience.
Modern IAM strategies must address complexity and visibility. Detecting and responding to identity threats has become the top IAM priority, followed closely by securing credentials and managing cloud entitlements. Yet, 33% of organizations say the complexity of their existing infrastructure is the biggest barrier to effective identity management. Visibility into all identities—both human and non-human—is essential for maintaining control in increasingly hybrid digital environments.
AI is poised to redefine identity security. With 94% of organizations planning to adopt AI-driven identity technologies, automation and intelligent threat detection are set to play a transformative role in future IAM strategies. More than 55% have already begun implementation, particularly to streamline governance, manage machine identities, and respond faster to anomalies and risks across their ecosystems.
