Why 84% Of US Firms Hit With Identity-Related Breaches In 2021

In a recent poll* of 500 US identity and security professionals the non-profit Identity Defined Security Alliance (IDSA) found that 84% had an identity-related breach in the past year, with 78%  experienced a  direct business impact as a result of the breach. Key Points:

Identity growth continues, making identity a top security priority

  • 98% Said the number of identities is increasing, primarily driven by cloud adoption, third party relationships, and machine identities.
  • 64% Have identified identities as among the Top 3 priorities for their security program

Risky behavior reduced when executives put focus on identity security

  • 71% Have executives who speak publicly to employees about password security
  • 60% Of IT/Security Stakeholders admitted to risky security behaviors

Investments in security outcomes still a work in progress, focus on basics lacking

  • 97% Will be investing in identity-focused security outcomes, the same as last year
  • MFA Is a key focus area, particularly for privileged users and employees
Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Oz.alashe
Oz.alashe , CEO
InfoSec Expert
June 23, 2022 2:20 pm

It’s unsurprising that phishing once again rises to the top of identity-related attack, with 64% of respondents noting that protection measures are a top priority, and fully 59% sharing that they’ve experienced a significant phishing attack in the last year. It’s time to move past reliance on first-gen “gotcha” phishing training, which educates valuable employees by “naming and shaming” them on lapses and missteps. The fact is that people aren’t the organization’s weakest link – they are and must be treated as among its greatest assets. Other classes of cybersecurity tools have advanced to the point where they provide real-time interventional assistance and intelligence that actually boosts both effectiveness and morale. It’s time for employee awareness training to similarly advance.

Last edited 5 months ago by oz.alashe
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x