Identity and AI Threat Trends Highlight Growing Market for Machine Identity Security

According to a recent LinkedIn post from Token Security, the company is drawing attention to key findings in Verizon’s 2026 Data Breach Investigations Report (DBIR) related to non‑human identities and AI. The post highlights a reported 60% year‑over‑year jump in third‑party breaches, now said to represent 48% of all breaches, and references an OAuth token compromise that allegedly impacted Salesforce environments at several large enterprises without password theft.

The post suggests that unmanaged machine and service accounts, OAuth tokens, API keys, and cloud roles represent growing systemic risk, especially as organizations deploy more AI “agents” that operate autonomously at scale. It also points to reported trends such as widespread employee access to AI services via personal accounts and long remediation timelines for excessive cloud permissions, framing these as compounding factors in identity sprawl.

For investors, the post indicates that Token Security is positioning itself around the convergence of AI security and identity security, a theme underscored in its interpretation of the DBIR findings. If enterprises respond to these trends by increasing spend on tools that govern machine identities and AI agents, vendors in this niche could see expanding addressable markets and potentially stronger demand for specialized identity‑centric security solutions.

The emphasis on AI‑assisted and so‑called “agentic” attacks in the report, as described in the post, may reinforce perceptions that traditional perimeter and user‑centric controls are insufficient for emerging threats. This could benefit firms that offer visibility and governance over non‑human credentials across cloud and SaaS environments, though competition from larger identity and cloud security providers remains a key factor in assessing Token Security’s long‑term positioning.