Palo Alto and CrowdStrike report their best quarters yet, as AI ramps cyber demand
Identity security is getting pulled into the spotlight while AI agents multiply, forcing boards to rethink cyber priorities.
Palo Alto and CrowdStrike are both seeing their best quarter ever, with AI threats boosting demand across cybersecurity. For decision-makers, it is a clear signal that identity security is becoming the fastest-growing battleground as AI moves from demos to workflows.
Palo Alto and CrowdStrike are both reporting what they call their best quarters ever, and the reason is not just another cycle of fear. CNBC points to a more fundamental shift: AI threats are bolstering cybersecurity demand, especially around identity security, a critical cyber segment.
The immediate takeaway for executives is simple. When AI agents proliferate, the number of digital “doers” increases, but the number of human decision-makers does not. That imbalance matters because identity systems sit at the intersection of who can access what, from which devices, with which permissions. In other words, if AI is getting more active, identities become the control plane. And if that control plane gets sloppy, attackers do not need to “hack harder,” they just need to find where the permissions already are.
Why identity security is in the driver’s seat now comes down to incentives and operating reality. Many organizations already assume they will face phishing, credential stuffing, and account takeover attempts. What is changing is the scale and speed of how those attacks can play out. AI can help generate more convincing lures, automate recon, and coordinate multi-step intrusions. That means the “front door” problem for cyber is getting more crowded, and identity is the front door. Identity security tools aim to tighten access, reduce overly broad privileges, detect anomalous behavior, and make it harder for attackers to live inside legitimate accounts.
CNBC’s framing is that cybersecurity leaders are “leaning into identity security” as AI agents outnumber humans. That is an important phrase, because it ties demand to a structural change in the workforce. Many teams are already deploying AI to write code, summarize tickets, process invoices, triage customer conversations, and support internal operations. Even when those AI systems are not meant to access sensitive data directly, they usually route through permissions, service accounts, single sign-on flows, API calls, and automation tokens. Those identities can become soft spots if governance is weak.
There is also a board-level angle here: cybersecurity spend is rarely immune to budget scrutiny, but it is easier to defend when spending maps to a specific threat mechanism. Identity security is a mechanism. It is not just “better protection,” it is concrete: manage access, verify users and service identities, and monitor for suspicious use. When customers spend in a targeted way like that, vendors win. The fact that both Palo Alto and CrowdStrike are showing standout performance in their best quarter ever is a reminder that investors and buyers are rewarding focus.
This moment lands in a broader regulatory environment that keeps pressure on controls tied to identity. While CNBC’s source does not enumerate particular rules, the direction of travel in cyber regulation has been consistent across regions: organizations are expected to have safeguards, access controls, monitoring, and the ability to demonstrate that security is not an afterthought. Identity management is one of the most auditable areas of security. For boards, that matters because auditability turns cyber from a cost center into a compliance asset.
Now zoom out to the market dynamics. When two major cybersecurity leaders both point to AI-driven demand and identity as a key beneficiary, it suggests demand is not isolated to one product category or one customer segment. It is likely tied to how enterprises are redesigning workflows to include AI. Enterprises do not just add AI interfaces, they add automation behind them. Automation uses identities. If identity security is the layer that governs whether automation behaves safely, then AI adoption and identity security adoption start moving together.
Second-order implications follow fast. If identity security becomes a board priority, procurement teams may demand tighter integration between identity and threat detection, including better visibility into account behavior, token usage, and privilege changes. That can shift IT roadmaps, vendor selection criteria, and even internal responsibilities between security, IT, and identity teams. It can also change incident response: if the “who” and “what they could do” are the first clues, faster identity forensics become more valuable.
For executives at peer companies, the stakes are not just whether they buy cybersecurity tools. The stakes are whether their access architecture can handle an environment where AI agents do more work, make more calls, and create more opportunities for misuse. A best-quarter announcement is a headline. The real story is that AI is already changing what “attack surface” means, and identity is at the center of that shift.
This story's Key Insights and Take-aways are locked.
Create a free account to unlock Executive Actions for one credit.
Register to UnlockAlways free for Executives Club members. Join the Club
More in Technology
Chip rally pumps $2T into Micron, Intel, and AMD as AI demand broadens
In Q2, record gains added $2 trillion across Micron, Intel, and AMD, signaling AI momentum is spreading beyond Nvidia.
DeepMind trio’s EquiLibre tops $500M valuation as quant hedge funds start paying
Prague AI lab EquiLibre, built by three ex-DeepMind researchers, is valued above $500M and monetizing poker-style AI.
Hyperkin’s Drakong drops a pro-style Xbox controller to $35
The Challenger packs hall-effect sticks, haptics, back buttons, and a headphone jack, but it is wired-only at launch.