Art as a mirror of the cybersecurity gaps exposing museums to attacks
Art as a mirror of the cybersecurity gaps exposing museums to attacks
Publish Date: 2026-04-03 01:05:00
Source Domain: www.escudodigital.com
Using an unordered list, summarize the following article with between 4 and 8 key points.
The growing digitalisation of museums and cultural institutions has created new opportunities for cybercriminals. This is the warning issued in a report by IndraMind Cybersecurity, the cybersecurity unit of IndraMind (Indra Group), which examines the most common identity and access management failures in these organisations through the lens of iconic works of art.
The report notes that more than 1.8 billion credentials were stolen worldwide in the first half of 2025 alone, highlighting the scale of the problem. It also points to the rapid increase in machine identities –now reaching up to 83 for every human user– which adds complexity to access control and increases risk .
Weak passwords and poor practices
“The scream” by Edvard Munch is the first artwork used to illustrate one of the most persistent issues: poor password management.
Sharing credentials, reusing them or storing them in insecure locations can turn a simple oversight into a critical security breach. “When a user ‘shouts’ their credentials, they expose sensitive information that can compromise the entire organisation,” the report warns.
This type of failure can lead to unauthorised access, data theft or exposure, lateral movement within networks, malware infections and cyberattacks such as ransomware.
The impact is significant: more than 80% of data breaches are linked to compromised, weak or reused credentials.
To address this, the report recommends:
Moving towards passwordless authentication models while strengthening password policies where they remain in use.
Training staff in secure credential management practices.
Regularly reviewing access rights and auditing credential usage.
The risk of third-party access
The second artwork referenced is “Liberty leading the people” by Eugène Delacroix, used to highlight the risks associated with third-party access.
Restorers, curators, maintenance companies and technology providers often require temporary access to internal systems. However, if not properly managed, these permissions can become an entry point for cybercriminals.
The report states that one in three security incidents originates from unmanaged third-party access. A single poorly controlled account can lead to data leaks, malware infections, regulatory breaches or identity impersonation.
To mitigate these risks, the report advises:
Regularly reviewing and revoking third-party access, especially when projects or services end.
Establishing clear policies aligned with standards such as ISO 27001 or GDPR.
Implementing identity management solutions for external users, including PAM and CIAM tools.
Overlooked alerts and insufficient monitoring
“The garden of earthly delights” by Hieronymus Bosch is used as a metaphor for an environment where small details go unnoticed. In cybersecurity terms, this translates into insufficient monitoring of alerts, events and anomalous behaviours that, while seemingly minor, may be the first sign of an ongoing attack.
According to the report, nine out of ten organisations have experienced at least two identity-related security breaches in the past year, many of which were detected too late due to a lack of oversight.
To address this issue, the report recommends evolving towards intelligent Security Operations Centres (SOCs) with automated detection and response capabilities, as well as adopting ITDR technologies to identify credential abuse in real time.
Deepfakes and identity spoofing: a growing threat
The final artistic reference comes from Picasso’s cubist self-portrait, used to illustrate a new challenge: distinguishing between real identities and those generated or manipulated by artificial intelligence.
The report reveals that one in two companies has experienced deepfake attacks involving faces or voices, while more than 40% consider identity theft to be the main associated risk.
“If an AI-generated or manipulated identity manages to bypass access controls, it can move laterally across systems, escalate privileges, leak confidential information and even threaten business continuity,” the report warns.
To counter this threat, it recommends adopting advanced authentication models based on biometric systems and AI-driven solutions capable of detecting manipulation.
The growing digitalisation of museums and cultural institutions has created new opportunities for cybercriminals. This is the warning issued in a report by IndraMind Cybersecurity, the cybersecurity unit of IndraMind (Indra Group), which examines the most common identity and access management failures in these organisations through the lens of iconic works of art.
The report notes that more than 1.8 billion credentials were stolen worldwide in the first half of 2025 alone, highlighting the scale of the problem. It also points to the rapid increase in machine identities –now reaching up to 83 for every human user– which adds complexity to access control and increases risk .
Weak passwords and poor practices
“The scream” by Edvard Munch is the first artwork used to illustrate one of the most persistent issues: poor password management.
Sharing credentials, reusing them or storing them in insecure locations can turn a simple oversight into a critical security breach. “When a user ‘shouts’ their credentials, they expose sensitive information that can compromise the entire organisation,” the report warns.
This type of failure can lead to unauthorised access, data theft or exposure, lateral movement within networks, malware infections and cyberattacks such as ransomware.
The impact is significant: more than 80% of data breaches are linked to compromised, weak or reused credentials.
To address this, the report recommends:
Moving towards passwordless authentication models while strengthening password policies where they remain in use.
Training staff in secure credential management practices.
Regularly reviewing access rights and auditing credential usage.
The risk of third-party access
The second artwork referenced is “Liberty leading the people” by Eugène Delacroix, used to highlight the risks associated with third-party access.
Restorers, curators, maintenance companies and technology providers often require temporary access to internal systems. However, if not properly managed, these permissions can become an entry point for cybercriminals.
The report states that one in three security incidents originates from unmanaged third-party access. A single poorly controlled account can lead to data leaks, malware infections, regulatory breaches or identity impersonation.
To mitigate these risks, the report advises:
Regularly reviewing and revoking third-party access, especially when projects or services end.
Establishing clear policies aligned with standards such as ISO 27001 or GDPR.
Implementing identity management solutions for external users, including PAM and CIAM tools.
Overlooked alerts and insufficient monitoring
“The garden of earthly delights” by Hieronymus Bosch is used as a metaphor for an environment where small details go unnoticed. In cybersecurity terms, this translates into insufficient monitoring of alerts, events and anomalous behaviours that, while seemingly minor, may be the first sign of an ongoing attack.
According to the report, nine out of ten organisations have experienced at least two identity-related security breaches in the past year, many of which were detected too late due to a lack of oversight.
To address this issue, the report recommends evolving towards intelligent Security Operations Centres (SOCs) with automated detection and response capabilities, as well as adopting ITDR technologies to identify credential abuse in real time.
Deepfakes and identity spoofing: a growing threat
The final artistic reference comes from Picasso’s cubist self-portrait, used to illustrate a new challenge: distinguishing between real identities and those generated or manipulated by artificial intelligence.
The report reveals that one in two companies has experienced deepfake attacks involving faces or voices, while more than 40% consider identity theft to be the main associated risk.
“If an AI-generated or manipulated identity manages to bypass access controls, it can move laterally across systems, escalate privileges, leak confidential information and even threaten business continuity,” the report warns.
To counter this threat, it recommends adopting advanced authentication models based on biometric systems and AI-driven solutions capable of detecting manipulation.
Become a premium member for free!
