OpenText has rolled out new identity, data protection and application security capabilities for Australian enterprises adopting AI. The vendor cited rising cybercrime costs and tightening regulatory expectations around AI deployment.

Three products headline the release. OpenText Core Identity Foundation is a SaaS-based zero trust identity and access management platform spanning cloud, on-premises and legacy environments.

OpenText Core Data Discovery and Risk Insights provides encryption and data protection for sensitive and regulated data across the data lifecycle. Application Security Aviator adds AI-powered auto-remediation during application testing, aimed at reducing security debt.

The launch targets customers working to meet the Australian Privacy Principles, APRA prudential standards CPS 234, CPS 230 and CPS 231, the Security of Critical Infrastructure (SOCI) Act and state and territory health record requirements.

OpenText cited Australian data showing average self-reported cybercrime costs per incident rose by 50 per cent overall in 2024-25. Small businesses reported average losses of $56,600 per incident, medium businesses $97,200 and large businesses $202,700.

A separate Ponemon study commissioned by OpenText found 52 per cent of enterprises have fully or partially deployed generative AI. The study reported 79 per cent had yet to reach what the vendor defines as full maturity.

Vice president for Australia and New Zealand George Harb argued that non-human identities, including AI agents, are routinely overlooked by traditional identity governance built around people.

"Australian organisations want to move quickly with AI, but not at the expense of security Identity is the new perimeter," said Harb.

"Traditional identity programs were built around people, they incorporate structured onboarding, defined roles, periodic reviews, and clear accountability to manage human users through the cycle of their access and responsibilities within the enterprise.

"But non-human identities(NHIs) such as AI agents, are often overlooked by these governance processes. They persist quietly in the background, are often provisioned as part of administrative activities to keep systems running and are often granted long-term credentials with elevated permissions – providing rich targets for attackers.

"As with human identities, there are best practices, such as least-privilege permission assignments and frequent credential rotation, that can help better secure the use of these NHIs. Applying appropriate governance processes to the creation, daily use, and ongoing maintenance of these NHIs can help ensure secure automation and more effective control."

https://www.opentext.com