Jakarta, INTI - Identity based threats are rising globally, with deepfake technology now ranking among the top three cybersecurity concerns for information security professionals.
This finding comes from the latest report by Keeper Security, which gathered insights from over 370 cybersecurity practitioners across three international conferences, Infosecurity Europe in London, Black Hat USA in Las Vegas, and it-sa Nuremberg.
The report highlights that identity driven-attacks, including phishing, credential fraud, and deepfakes, are now the most vulnerable points in corporate defenses. Phishing remains the top threat in both the UK and the US, cited by 50% and 45% of respondents, respectively. However, the growing concern over deepfakes has emerged as a key focus for 2025.
In Germany, 61% of cybersecurity professionals identify deepfakes as the most significant identity based threat, placing it at the top of their concerns. This figure surpasses worries about phishing, reflecting a clear shift in global risk perception.
“Deepfake technology is evolving at an extremely rapid pace and is now being used in high level fraud scenarios, ranging from social engineering to steal access to the manipulation of internal communications,” said Darren Guccione, CEO and co-founder of Keeper Security. “Identity based attacks have become the fastest pathway to system compromise, putting them at the centre of cybersecurity concern in 2025.”
Weak Privileged Access Controls Increase Cyber Risks
Beyond the growing threat of deepfakes, the report also finds that privileged access controls remain weak across many organizations. In the UK, 43% of respondents said multi factor authentication has not been consistently applied to sensitive accounts. In the United States 40% reported similar gaps, while half of organizations in Germany do not yet have a dedicated Privileged Access Management solution in place.
According to Keeper Security’s analysis, the combination of rapid growth in generative AI, an increase in social engineering attacks, and inadequate identity controls is widening opportunities for cybercriminals. These challenges are also transformation and cloud adoption continues to accelerate.
Takanori Nishiyama, Senior Vice President of APAC Sales and Japan Country Manager at Keeper Security, said that cybersecurity priorities in the Asia Pacific region are now shifting toward the protection of identities and privileged access.
Organizations in the region are increasingly recognizing that AI driven and deepfake based attacks are no longer future threats but real and present risks. As a result, companies need to move beyond awareness toward concrete action, including the adoption of zero trust framework, stronger identity policies, and the use of AI for anomaly detection and risk mitigation.
Conclusion
The rapid rise of deepfake driven attacks marks a critical shift in the global cybersecurity landscape, where identity has become the primary attack surface for cybercriminals. Combined with weak privileged access controls and the accelerating use of generative AI, organizations face growing exposure to sophisticated and high impact threats. Strengthening identity security, enforcing privileged access management, and adopting zero trust and AI driven defenses are no longer optional but essential steps to protect systems and maintain digital trust in 2025 and beyond.
Read more: Telkom University Strengthens Cybersecurity Education to Support National Digital Resilience