Permiso State of Identity Security 2024: A Shake-up in Identity Security Is Looming Large

Avatar
Identity security is front, and center given all the recent breaches that include Microsoft, Okta, Cloudflare and Snowflake to name a few. Organizations are starting to realize that a shake-up is needed in terms of the way we approach identity security both from a strategic but also a technology vantage point.  Identity security is more than just provisioning access  The conventional view
[[{“value”:”

Identity security is front, and center given all the recent breaches that include Microsoft, Okta, Cloudflare and Snowflake to name a few. Organizations are starting to realize that a shake-up is needed in terms of the way we approach identity security both from a strategic but also a technology vantage point. 

Identity security is more than just provisioning access

The conventional view of viewing identity security as primarily concerned with provisioning and de-provisioning access for applications and services, often in a piecemeal manner, is no longer sufficient. This view was reflected as a broad theme in the Permiso Security State of Identity Security Report (2024), which finds that despite growing levels of confidence in the ability to identify security risk, nearly half of organizations (45%) remain “concerned” or “extremely concerned” about their current tools being able to detect and protect against identity security attacks.

The Permiso commissioned survey conducted over the summer, interviewed over 500 IT security and risk practitioners, with direct control or influence over security and risk decision-making. The findings reflect despite growing investment, maturity and confidence in cyber risk mitigation controls, organizations remain concerned in the face of advancing identity threats.

The key insights include:

SaaS is seen as the riskiest environment.
93% of organizations stated that they can inventory identities across all environments, as well as track keys, tokens, certificates and any modifications that are made to any environment.
85% can determine “who is doing what” across fragmented authentication boundaries.
45% remain “concerned” or “extremely concerned” about their current tools being able to detect and protect against identity security attacks.
45% suffered an identity security incident in the last year, with impersonation attacks the leading threat vector.

Can you detect rogue identities?

Despite 86% of organizations stating that they can identify their riskiest identities (human and non-human), nearly half (45%) suffered an identity security incident in the last year, with impersonation attacks the leading threat vector — revealing that social engineering-based attacks continue to be a pervasive threat to organizations.

When it came to the consequences for those that were breached, targeting sensitive data, which included personally identifiable information (PII) and intellectual property (IP), topped the list for 54% of those that were breached. 46% of organizations stated that the threat actors also escalated privileges and went after their supply chains (45%), both on the vendor and customer side.

Human identities remain a soft target

Another interesting finding was human identities are seen as the riskiest, with employees at the top of the list. Contrary to much of the market hype, non-human identities (API keys, OAuth tokens, service accounts) are seen as less risky than their human counterparts.

Identity security is siloed

It is not clear that organizations understand what identity security responsibility entails for the hybrid and multi cloud reality. Despite most organizations using on average 2.5 public clouds, the IT team (56%) was singled as being primarily responsible for ensuring the identity security for the organization across multiple environments. This may reflect identity still being seen as limited to access provisioning and deprovisioning. According to Jason Martin, Permiso Co-CEO and Co-Founder, this finding could be explained by “identity security traditionally having fallen under the general responsibilities for IT who are seen as stewards of IT systems, which includes provisioning access and securing identities. Only in a minority of organizations are we seeing the security department as the primary stakeholder for securing identities.”

Security budgets also appear to be siloed, with SaaS (87%) and IaaS (81%) environments getting the bulk of security spend vs all environments (46%). From a tooling perspective it appears that the IaaS layer (66%) has seen the bulk of the focus with a combination of cloud native security tools such as AWS GuardDuty and CNAPP solutions being used.

Although it appears that most organizations are “risk aware” to the cyber threats that they face, it is clear we have some way to go concerning having the ability to detect and respond to identity threats as they arise. In fact, being able to detect and prevent credential compromise, account takeover and insider threat was cited as the leading concern for organizations.

Towards universal identity security

It’s up to all of us, the vendors, organizations and the broader security community to reimagine what is needed from a people, process and technology standpoint to secure the new reality of human and non-human identity as the leading threat vector. In this regard we need to recast identity security from merely provisioning or de-provisioning access to applications and services, to viewing it as a strategic business enabler.

Permiso Security was born to address this challenge, making unified identity security for all identities, across all environments, a reality.

You can access the full report here: https://hero.permiso.io/state-of-identity-security-survey-report-2024

Learn more about how Permiso can help bring this strategy to your organization.

Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter and LinkedIn to read more exclusive content we post.

“}]] The Hacker News 

Total
0
Shares
Previous Post

Zendesk helped Internet Archive secure account after hacker breached email system

Next Post

New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection

Related Posts

New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions

An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software. "The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated malicious scripts that deliver local extensions to steal private data
Avatar
Read More

Over 1 Million Domains at Risk of ‘Sitting Ducks’ Domain Hijacking Technique

Over a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack. The powerful attack vector, which exploits weaknesses in the domain name system (DNS), is being exploited by over a dozen Russian-nexus cybercriminal actors to stealthily hijack domains, a joint analysis published by Infoblox and Eclypsium has revealed. "In a Sitting
Avatar
Read More