Executive Summary
This survey discloses a critical gap in organizations’ ability to protect themselves against identity threats—with 83% already having experienced a breach involving compromised credentials. Account takeover, lateral movement, and ransomware spread are a prominent cyber risk. To gain resiliency against these attacks, organizations strive to have the ability to prevent—in real time—malicious access with compromised credentials to their resources. The common practice today is to lean on solutions such as MFA and PAM, as well as manual monitoring of service accounts, to get this protection. However, surveys of identity security teams reveal that in most cases, these solutions fail to deliver the required level of protection. This failure manifests in the vast majority of organizations experiencing an identity-related data breach, as well as a shared notion among identity teams that they don’t have the ability to thwart such attacks in the future.
Key Takeaways
The key takeaways from this research are:
- Over 80% of organizations have experienced an identity-related breach that involved the use of compromised credentials
Almost half of organizations experienced such a breach in the past 12 months. - 65.4% of organizations have not implemented MFA comprehensively enough to provide sound protection
Organizations are not protecting their entire workforce with MFA, and only one in eight have more than 70% of their resources and access methods covered. - Only 5.7% of organizations have full visibility into their service accounts
Very few organizations have full visibility into the activity and usage of their service accounts, while 62% only have partial visibility. - Protection of service accounts introduces a huge challenge to organizations with only 22% able to prevent adversaries from using them for malicious access
78% of organizations cannot prevent the misuse of service accounts in real time, since security is sporadic or missing. - 73.4% of organizations struggle with getting their PAM solutions fully onboarded and working
Many organizations have encountered difficulties in their PAM implementation, causing progress to halt. Most know what to do but are too resource-constrained to move ahead. - Only one in five organizations are highly confident that they could prevent identity threats
Very few organizations are confident they can stop initial access or lateral movement due to the malicious use of compromised credentials.
Figure 1
Identity Infrastructure Distribution: On-Premises, Hybrid and Cloud Only
Percentage of respondents
Figure 1
Identity Infrastructure Distribution: On-Premises, Hybrid and Cloud Only
Percentage of respondents
Figure 1
Identity Infrastructure Distribution: On-Premises, Hybrid and Cloud Only
Percentage of respondents
Confidence to prevent attackers from using compromised privileged user accounts for malicious access
One ultimate test of the efficacy of a PAM solution is high confidence to prevent misuse of privileged user credentials. We asked respondents to indicate their level of confidence. Per Figure 6, 34.3% of respondents indicate their organization is at the high confidence level—which means all privileged accounts have been identified and secured.