Passwordless authentication trending as AI forces cybersecurity change: RSA report

The 2025 RSA ID IQ Report: A global survey of identity and access management, AI, passwordless, and the cost of data breaches has uncovered some major points from the more than two thousand respondents across the 62 countries surveyed.

They were asked questions pertaining to AI’s cybersecurity potential, the frequency and cost of digital identity-related data breaches, passwordless authentication, and operating environments, among others.

The report found that when organizations suffer identity-related data breaches, it costs them significantly, with 66 percent reporting it as a “severe event” that significantly affects their organization.

That finding echoes another report, from enterprise cybersecurity company Panaseer. It found that 61 percent of organizations have suffered a security breach in the past year “because their policies, governance, and controls failed or were not working effectively,” according to the report, and that this is costing U.S. businesses a total of $30 billion per year.

But better tools are coming. Four in five respondents to RSA feel that AI will “do more to empower cybersecurity than abet cybercriminals over the next five years,” according to the report, and some 79 percent of organizations plan to implement some form of AI in their cybersecurity stack within the next year. Furthermore, “highly regulated industries” are among the “most likely” to have such AI plans.

As for passwords, more than half (51 percent) of respondents say they need to input their passwords six times or more for work every day. This friction and identity data breaches mean that 61 percent of respondents shared that their organization has plans to implement passwordless capabilities in the next year.

“Identity has always been elemental to every part of an organization – it’s core to onboarding new users, defending against threats, complying with regulations, and executing operations. That hasn’t changed,” writes Rohit Ghai, CEO of RSA, in the report’s executive summary.

“What has changed are the forces that act on identity,” he continued. “From AI to cybercriminal activity to new protocols set to disrupt decades of username/password authentication, change is on the way.”

Those interested can download a copy of the report here. Meanwhile, RSA CEO Rohit Ghai and eWeek Senior Editor James Maguire will host a live webinar on the main findings and key takeaways from the 2025 RSA IQ Report on November 18 at 12:00pm ET, for which interested parties can register here.

A report released earlier this year by the Identity Defined Security Alliance (IDSA) similarly showed the cybersecurity value businesses see in passwordless authentication.

Article Topics

biometric authentication  |  biometrics  |  cybersecurity  |  digital identity  |  identity access management (IAM)  |  passwordless authentication