Ping Identity warns Singapore firms are prime targets for malicious AI agent attacks
Source: iTnews Asia
Attackers are shifting focus from human users to AI agents with legitimate system access, warns Ping Identity. Most Singapore organisations already have solid IAM foundations — but these weren't designed for autonomous AI agents operating at scale.
Enterprise security is facing a new breed of threat — and it's not targeting human users. Ping Identity's latest research warns that attackers are increasingly hijacking legitimate AI agents that already sit inside enterprise networks, weaponising their access to steal credentials, spread malware, and disrupt operations. A March 2026 IDC study found only 9 percent of companies are prepared for these AI-driven identity threats.
Speaking to iTNews Asia, Ping Identity's regional VP for Asia, Jasie Fon, said that most organisations in Singapore already have a solid identity and access management foundation. The challenge is that those frameworks were built for human workflows, not for non-human identities like AI agents and automated services that operate at machine speed and scale. The rise of agentic AI creates an accountability gap — when autonomous bots are compromised, few firms can quickly trace who approved the actions or who's responsible.
Why it matters for Singapore: As Singapore pushes aggressively to embed AI across enterprise and government systems, the attack surface for AI-specific threats expands in parallel. Local organisations may have mature IAM setups, but the rules of the game are changing — identity security now has to account for AI agents that act on their own, and most firms aren't ready for that shift.