A survey of 510 IT security and risk practitioners finds 93% have access to a comprehensive inventory of human and non-human identities across their IT environments, with 85% having a clear line of visibility and monitoring into who is doing what. However, just under half (45%) also noted there has been some type of unauthorized access to their IT environments in the last year.
Conducted by Permiso Security, a provider of an identity security platform, the survey finds well more than half of those breaches (56%) involved some type of sensitive data, followed by 46% that led to privilege escalation or lateral movement, 45% that impacted supply chains, 42% that saw ransomware deployment and 39% that established some type of persistence.
More than half of breaches (54%) specifically involved some type of impersonation, followed closely by credential compromises (53%) insider risks (47%), privilege access abuse (46%) and multifactor authentication compromise (36%).
Affected platforms include software-as-a-service (SaaS) applications (76%), followed by infrastructure-as-a-service (IaaS) at 58%, platform-as-a-service (PaaS) environments at (48%), identity service providers at 43% and on-premises IT environments at 39%. Nevertheless, nearly three quarters of respondents (74%) rated their cloud security maturity as being “above average” to “advanced.”
In fact, two thirds (66%) make use of some type of cloud-native solutions, compared to 57% that have a cloud security posture management (CSPM)/cloud native application protection platform (CNAPP). A total of 42% are using some types of identity threat detection (ITDR) or content destruction and response (CDR) platform, while 41% have a SaaS security posture management (SSPM) platform. Only 30% have a security information event management (SIEM) platform while even less (25%) have an extended detection and response (XDR) platform.
In terms of future investments to be made over the next 12 months, 87% are allocating budget dollars to improve SaaS security, followed closely by IaaS security (81%) and PaaS security (71%).
Overall, a total of 61% said they can detect an issue within 24 hours but nearly half (45%) re still “concerned” or “extremely concerned” about their current team and the tools they rely on to detect and protect against identity-based attacks, the survey finds.
Overall, more than half of respondents (56%) have assigned responsibility for identity security to IT departments, compared to 15% or 21% that have assigned that responsibility to a traditional cybersecurity or cloud security team, respectively. Only 7% have a dedicated identity access management (IAM) platform.
Permiso Security co-CEO Paul Nguyen said that regardless of who is responsible for identity security, the survey makes it clear they are likely being overwhelmed. A total of 28% of respondents, for example, noted they are managing more than 5,000 non-human identities created by machine and software in their IT environments, while 49% manage between 1,000-5,000 identities. Those identities, however, were not immaculately conceived, so there is an opportunity to not only determine how they were created but also govern them, he added.
After all, a human invariably assigned individual identities to specific systems and applications and 93% of respondents said they are tracking the usage of keys, tokens and certificates, as well as environmental modifications. However, there is a tendency to overlook the cybersecurity implications, noted Nguyen.
On the plus side, there is now more focus on securing identities than ever. The challenge now is turning all that studying of the problem into an actionable cybersecurity strategy.
Recent Articles By Author