Security News > 2022 > July > 84% of organizations experienced an identity-related breach in the past 18 months

Identity security is a priority, yet board buy-in is critical.

90% of respondents state that their organizations fully recognize the importance of identity security in enabling them to achieve their business goals, and 87% say that it is one of the most important security priorities for the next 12 months.

"While the importance of identity security is acknowledged by business leaders, most security teams will not receive the backing and budget they need to put vital security controls and solutions in place to reduce major risks," said Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea.

Less than half of the organizations surveyed have implemented ongoing security policies and processes for privileged access management, such as password rotation or approvals, time-based or context-based security, or privileged behavior monitoring such as recording and auditing.

Only 44% of organizations manage and secure machine identities, while the majority leave them exposed and vulnerable to attack.

Carson added, "Cyber criminals look for the weakest link and overlooking 'non-human' identities-particularly when these are growing at a faster pace than human users-greatly increases the risk of privilege-based identity attacks. When attackers target machine and application identities they can easily hide, moving around the network to determine the best place to strike and cause the most damage. Organizations need to ensure machine identities are included in their security strategies and follow best practices when it comes to protecting all their IT 'superuser' accounts which, if compromised, could bring the entire business to a halt."

News URL

https://www.helpnetsecurity.com/2022/07/28/identity-related-breach/