100% of surveyed security and IT leaders confirmed that their organizations experienced a security compromise in the last year
SailPoint Technologies Holdings, Inc. (NYSE: SAIL), the leader in enterprise identity security, today released the findings from a new survey of security and IT managers/directors that explored why large, well-resourced enterprises are continuing to be compromised. The one common denominator that stands out above the rest as a leading facilitator of cyber incidents – digital identities.
According to the report, all respondents (100%) confirmed that their organizations experienced a security compromise in the last year, with 32% of respondents stating that one million or more digital identities were compromised. Further, 71% of respondents reported that compromised identities led to unauthorized access to data that should have been deleted or destroyed.
“Clearly, the pivot toward cloud adoption and rapid access to critical apps and systems in the last year has accelerated the pace of business. This has generally been great for business, but there is a downside to rapid technology adoption. The results of this study have confirmed what many of us have observed anecdotally for years,” said Grady Summers, EVP of Product at SailPoint. “A good security program starts with securing identities. We make it too easy for attackers when identities are left active months after the users have departed the organization or when an identity has far more privilege than is needed to get the job done. I found the survey results fascinating because they clearly show how organizations can limit the blast radius of an attack by focusing on identity security.”
Additional takeaways include:
- 75% of respondents said that the compromise(s) were facilitated by over-entitled/over-permissioned access;
- 83% said the compromise(s) included unauthorized access to digital identity information, including that of employees, partners, contractors, customers and;
- 66% of respondents said digital identities that should have been inactive were compromised during the security incident.