The people responsible for managing identity in large companies all say they are hosed. Now they have the data to know they aren’t alone.
Lateral attacks and ransomware are so hot right now. Pretending you are Rose in finance has always been cool. Every bit of writing on this assumes everyone knows what a PAM is. Spell out your TLAs, please.
1000+ employee companies with people responsible for identity management
Boston & Tel Aviv, Sept. 6, 2023 — Silverfort, the Unified Identity Protection Platform leader, today announced its identity protection annual research report titled, The State of Identity Security: Insights into Critical Protection Gaps. Conducted by Osterman Research, the report finds the identity attack surface as the most significant gap in cybersecurity resilience today, with existing solutions like multi-factor authentication (MFA) and privileged access management (PAM) leaving critical exposures and allowing for the malicious use of compromised credentials. The survey behind this report, which included 637 respondents in identity roles at organizations with at least 1,000 employees, was conducted between May-June 2023.
The research finds that more than four out of five organizations have experienced a breach that involved the use of compromised credentials, half of which happened in the past 12 months. Furthering the challenges for CISOs is a continual misalignment between security and identity teams. Visibility into the identity attack surface continues to be insufficient, leaving organizations exposed to bad actors who can gain access to their environments, move laterally inside their networks, and wreak havoc in minutes. The protection of the identity attack surface – which extends far beyond traditional identity access management tools – is the last line of defense in detecting and preventing such threats in real time.
Key takeaways of the report include:
- Identity is the new top attack surface: More than 80% of organizations have experienced an identity-related breach that involved the use of compromised credentials, half of which happened in the past 12 months.
- Sporadic and poorly deployed MFA and PAM solutions fail to deliver 360º protection: 65% of organizations have not implemented MFA comprehensively enough to provide sound protection. In addition, only 10% of organizations have fully deployed PAM and have high confidence in its ability to prevent malicious use of privileged credentials due to the notorious complexity of implementing such solutions at scale.
- Limited visibility is creating ‘blind spots’ and exposed access points for bad actors: 94% of organizations do not have full visibility into their service accounts (non-human identities), making these highly vulnerable and often privileged identities a prime target for attackers.
- Real-time protection is missing: 78% of organizations admit that they cannot prevent the misuse of service accounts in real time, due to low visibility and inability to enforce MFA or PAM protection.
- Organizations are more exposed than ever: Only one in five organizations are highly confident that they could prevent identity threats. Very few organizations are confident they can stop malicious access or lateral movement using compromised credentials.
“Today’s organizations are challenged with securing many different ‘silos’ of digital identity across complex hybrid and multi-cloud environments. Each of these environments has different identity security controls, which don’t work together and result in partial security, inconsistent user experience, and redundant costs,” said Hed Kovetz, CEO and Co-Founder of Silverfort. “In addition, some of the most critical systems in every company don’t have identity security available at all, and bad actors know it. This new research emphasizes that organizations need to rethink how they implement identity security, and develop a strategy that covers the entire identity attack surface – including human and non-human identities, privileged and non-privileged users, on-prem and cloud environments, IT and OT infrastructure, and many other areas that they didn’t previously manage to protect.”
For other valuable research information, download the full report here.
About Silverfort
Silverfort is the leader in Unified Identity Protection, enabling secure authentication and access across all corporate resources, both on-premises and in the cloud, to detect and stop identity-based attacks, including account takeover and ransomware spread. Using patented technology, Silverfort enforces its protection as a layer on top of the customer’s existing IAM infrastructure without requiring modifications to endpoints, servers, or applications—a capability which is unmatched in the market. This includes resources that couldn’t be protected before, such as legacy applications, command-line interfaces, industrial systems, machine-to-machine access, and more. Silverfort is trusted by hundreds of enterprise customers around the world, including Fortune 100 companies. For more information, visit www.silverfort.com.