Privileged access management is key to enterprise defense
New survey data reveals that 49 percent of organizations with privileged access management report fewer security incidents tied to privilege misuse.
The report from Keeper Security, based on a global survey of 4,000 IT and security leaders in the United States, Europe and Asia, explores the motivations driving PAM adoption, the most common obstacles to deployment and the features enterprises consider essential for securing access in today’s cybersecurity threat landscape.
"Every system, whether in the cloud, on-premises or remote, is a potential entry point that necessitates adaptive and secure controls to defend against modern threats,” says Darren Guccione, CEO and co-founder of Keeper Security. “Modern, zero-trust PAM doesn’t just mitigate risk; it enables organizations to shift from a reactive defense posture to proactive, pervasive control.”
The findings show that more than half (53 percent) of organizations that have implemented PAM report improved protection of sensitive data, with that number rising to 58 percent in the UK. Credential theft remains one of the most common causes of breaches, underscoring PAM’s critical role as a frontline defense.
Globally, 49 percent of respondents with a PAM solution report a reduction in security incidents tied to privilege misuse.
There are still barriers to adoption, however. Implementation complexity is cited as a top challenge by 44 percent of respondents globally. That number rises sharply to 57 percent of respondents in the UK, emphasizing the need for user-friendly solutions that are simple to deploy. Cultural and awareness gaps remain as well.
The report reflects a change in infrastructure too, 94 percent of organizations now operate in hybrid or cloud-first environments. As infrastructure evolves, so must access controls, requiring adaptable PAM platforms.
Even with tools in place, risky practices persist. Among non-PAM users, eight percent still store credentials in spreadsheets. While that number drops to two percent in the UK, 10 percent of respondents said they had no formal plan in place. Globally, 13 percent of organizations audit privileged access only once a year or less, leaving standing permissions unchecked for extended periods. Organizations need comprehensive security posture information about end-user behavior.
“A robust security posture requires both the right systems and the right human behaviors,” adds Guccione. “An organization will never be fully protected if users circumvent controls or skip essential reviews. That’s why insightful risk analysis and end-user education must be part of a successful PAM strategy.”
The full report is available from the Keeper site.
Image credit: Leowolfert/Dreamstime.com