Report: 84% of organizations experienced an identity-related offense last year

Critical security planning has never been so important. While many organizations have prioritized identity over the past year, identity-related violations remain an ongoing threat that causes significant business impact. Increased identities, challenges posed by phishing attacks, and continued growth in cloud adoption are pushing today’s organizations to ensure that access to network resources is done so securely and successfully.

In a report by Dimensional Research, the Identity Defined Security Alliance (IDSA) examines organizational trends and gaps in the security of digital identities, including progress made by organizations in defending against these attacks and the internal factors that enable both set and interfere.

The IDSA has found that identity security investments have emerged as a focal point with cloud, zero-trust and digital transformation initiatives leading the way. However, basic principles such as MFA, de-provision and reviews on privileged access are still lacking.

An overwhelming 84% of organizations have experienced an identity-related offense in the past year, with 78% citing a direct business impact as a result. When asked what kind of offense, the most common response was phishing attacks (59%), whether broad-based attacks or spear phishing. With 96% stating that the breach could have been prevented or minimized by implementing identity-focused security outcomes, it is not surprising that identity has made its way to a top three security priority for 64% of organizations.

The 504 participants in the online survey were directly responsible for IT security or identity and access management (IAM) at a company with more than 1,000 employees. All participants were knowledgeable in IT security and identities and included a variety of company sizes, job levels and industries.

Read the full report by IDSA.