Forty-seven percent of survey respondents rate their organizations at above average or superior when it comes to provisioning, managing and attesting to identities and access to secured resources within their networks.
And yet ...
50 percent either know their organizations were breached in the past year, or they are uncertain;
63 percent rate their organizations only average or below when it comes to their organization's ability to provide secure and appropriate access to privileged accounts;
34 percent do not employ multifactor authentication to validate privileged users.
These are among the preliminary results of the 2016 Identity & Access Management Research Study sponsored by One Identity.
Register for the 2016 Identity & Access Management Research Study and help benchmark your organization against the top North American financial institutions in terms of staying both compliant and secure with:
Privileged Accounts - How do you establish, manage and monitor their access?
Attestation - How and when do you validate your privileged user accounts?
Provisioning - How does your organization grant, manage and remove access to secured systems?
According to Verizon's latest Data Breach Investigations study, more than 60 percent of the most recent breaches resulted from default, stolen or weak passwords. And most of the high-profile breaches of recent times - Target, JPMorgan Chase, Anthem to name a few - were caused by a breach of privileged access.
The core question of the 2016 Identity & Access Management Research Study is "What is Your Enterprise Doing to Manage and Secure Privileged Accounts?" And the consistent answer is: Not nearly enough. When it comes to managing privileged accounts, attestation and provisioning, respondents rate themselves average at best. Their three biggest challenges:
Privileged accounts and administrator access - 45 percent
Attestation/recertification/managing access to resources - 42 percent
Third-party access to our network - 36 percent
Register for this session for a detailed look at the current state of identity and access management in 2016 - and, more important, where security leaders intend to make their key investments in 2017.
Field is responsible for all of ISMG's 28 global media properties and its diverse cadre of senior-level editors and reporters. He also helped to develop and lead ISMG's award-winning Summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.