Boztek

A Shake-up in Identity Security Is Looming Large

Identity security has become a critical focus for organizations in light of recent high-profile breaches involving major companies such as Microsoft, Okta, Cloudflare, and Snowflake. Companies are recognizing the necessity for a strategic and technological overhaul in their approach to identity security, moving beyond traditional methods centered around access provisioning.

Conventional identity security practices have largely been limited to managing user access, a perspective now deemed insufficient. According to the Permiso Security State of Identity Security Report (2024), while organizations show increasing confidence in their ability to identify security risks, a significant portion—45%—express concerns about the effectiveness of their current tools in detecting and addressing identity security threats. This underscores a critical gap despite advances in technology and practices.

The Permiso survey, which included 500 IT security and risk professionals overseeing decision-making in their organizations, revealed several key insights about the state of identity security. Notably, a majority of organizations perceive their Software as a Service (SaaS) environments as the most vulnerable. The report highlights that while 93% of companies can successfully inventory identities and track modifications across environments, concerns remain significant regarding the ability to protect against identity security breaches.

Impersonation attacks were identified as the primary threat vector, with 45% of organizations reporting incidents over the past year, reflecting the ongoing challenge posed by social engineering tactics. Among those affected, 54% indicated that sensitive data, including personally identifiable information (PII) and intellectual property (IP), was a primary target, with supply chain attacks also emerging as a substantial risk.

The findings also suggest that human identities are the most vulnerable, with employees being viewed as the highest risk, overshadowing non-human identities like API keys and service accounts, which are perceived as less threatening. This highlights a critical human factor in identity security that requires heightened attention.

An alarming disconnect exists concerning the ownership and responsibility for identity security across hybrid and multi-cloud environments. Despite the prevalence of these setups, a majority of organizations still place primary identity security responsibilities within their IT departments, rather than integrating these functions into broader security strategy frameworks. This limited view of who owns identity security may contribute to the siloed nature of security budgets, which disproportionately favor SaaS and Infrastructure as a Service (IaaS) over comprehensive coverage.

While organizations indicate a general awareness of the cyber risks involved, the ability to effectively detect and respond to identity-related threats remains a significant concern. Key risks such as credential compromise, account takeover, and insider threats are challenging organizations and call for enhanced detection capabilities.

Looking ahead, there is a pressing need for all stakeholders—including vendors and the security community—to reimagine identity security as a strategic business enabler rather than just a technical requirement. Emphasizing a more holistic and unified approach to managing both human and non-human identities can improve security posture and adaptability to evolving threats.

Permiso Security aims to address these challenges by advocating for a unified identity security framework that encompasses all identities across various environments. The goal is to shift the prevailing mindset from merely managing access to viewing identity security as integral to the overall organizational strategy. This proactive approach aims to elevate the standards of identity security management and response capabilities in today’s complex cyber landscape.