SailPoint’s annual Horizons of Identity Security report finds more than 30% of organizations not properly covered by identity solutions, and security professionals still struggling to communicate the business value of identity.
Produced in collaboration between SailPoint and Accenture, the 2023 edition of ‘The Horizons of Identity Security’ is based on insights from more than 375 global cybersecurity executives across the Americas, Europe and Asia, to examine the current state and future direction of the identity security market.
With 90% of cybersecuritybreaches being identity-related, identity security is the most important security aspect that every organization must get right.
Yet, findings from the Horizons of Identity Security report show that 44% of companies are still at the beginning of their identity journeys. And, concerningly, even mature companies cover less than 70% of the identities in their organizations through foundational governance capabilities.
Respondents noted that communicating the business value of identity security to executives is a key challenge. This underscores the need for identity security advocates to build executive-friendly business cases that are tailored to their audiences’ strategic priorities and value-driven mindset.
Other key findings from the study include:
-
Leadership as obstacle to identity security maturation
77% of respondents indicate that “limited executive sponsorship or focus” is a primary obstacle to investment in identity security, second only to budgetary constraints (91%). -
Identity ecosystems as growingly complex
More than 30% of the identities in an organisation are not properly covered by identity solutions, with particular gaps around third-party identities, machine identities and data - AI as potent accelerator to identity security maturation
Companies leveraging SaaS, AI and automation scale 10-30% faster; AI-enabled businesses scale identity-related capabilities up to 37% faster
Other key findings from the study include:
-
Leadership as obstacle to identity security maturation
77% of respondents indicate that “limited executive sponsorship or focus” is a primary obstacle to investment in identity security, second only to budgetary constraints (91%). -
Identity ecosystems as growingly complex
More than 30% of the identities in an organisation are not properly covered by identity solutions, with particular gaps around third-party identities, machine identities and data - AI as potent accelerator to identity security maturation
Companies leveraging SaaS, AI and automation scale 10-30% faster; AI-enabled businesses scale identity-related capabilities up to 37% faster
However, the findings clearly demonstrate that a strong identity security program can power business agility and innovation, risk mitigation, efficiency gains, and advancement of tech initiatives. For example, it can accelerate organizational change by as much as 30% through quicker integration of identities, applications, data and infrastructure.
“Although some markets in the APAC region have established regulatory frameworks related to identity and data security, several countries in the region are either just starting to adopt or are in the process of enacting related regulations for the first time. Therefore, the majority of APAC organizations are still in the beginning of their identity security journeys. As the threat surface increases with a proliferation of digital identities, APAC businesses need to focus on accelerating their identity maturity and adopting a strong identity security program to not only prevent breaches, but to improve efficiency and generate business value,” said Chern-Yue Boey, Senior Vice President, Asia-Pacific, SailPoint.
Identity management umbrella
Bringing third-party identities, machine identities and data under the umbrella of a strong identity management program is essential for breach avoidance. Foundational security capabilities accelerate incident response, prevent bad actors from authenticating into internal systems and limit excessive access rights for employees — which survey respondents selected as the most common security deficiency enabling breaches.
Encouragingly, the report shows a growing number of organizations are exploring AI-backed dynamic trust models to evolve access based on user behavior.
“Organizations are facing unprecedented challenges when it comes to managing their complex identity environments and massive data sets,” said Damon McDougald, the global Security Digital Identity lead at Accenture. “While advanced technologies like artificial intelligence and generative AI are making it easier to expedite, manage and scale identity security initiatives many organizations are still at the start of their journeys. Organizations should view this as an opportunity to accelerate their identity maturity timetable and establish a foundation for a secure digital transformation.”
SailPoint is launching a new adoption assessment tool that can help organizations assess their current capabilities, as well as how they stack up against their peers. The tool can help businesses identify what their greatest barriers to stronger identity security are, and how they can generate greater business value by investing in identity. To access the adoption assessment tool, click here.