CrowdStrike’s 2025 Threat Hunting report reveals that vishing attacks surged by 442% in late 2024, more than doubling last year’s numbers in the first half of 2025. Adversaries are leveraging AI-driven social engineering and deepfake tools to bypass MFA and exploit credentials at scale. The report also found that 52% of all exploited vulnerabilities are related to initial access, most often through compromised identities, while the use of gen AI to create, impersonate, and abuse identities is a driving force behind these trends. Machine identities now outnumber human users by 45:1 across the average enterprise, while attackers move laterally in just 51 seconds. Traditional identity and access management systems built on static rules and quarterly reviews can’t keep pace with threats moving at machine speed. Gartner predicts information security spending will reach $213 billion in 2025, even with growth revised down to 10.7%. Ongoing threat protection is expected to push spending to $323 billion in 2029. The research firm expects to see more organizations replace legacy rule-based systems with AI-powered platforms that learn, adapt, and respond autonomously. IDC predicts robust growth in identity security.