Privileged access management is key to enterprise defense


New survey data reveals that 49 percent of organizations with privileged access management report fewer security incidents tied to privilege misuse.
The report from Keeper Security, based on a global survey of 4,000 IT and security leaders in the United States, Europe and Asia, explores the motivations driving PAM adoption, the most common obstacles to deployment and the features enterprises consider essential for securing access in today’s cybersecurity threat landscape.
The path of least resistance to Privileged Access Management


Privileged Access Management (PAM) has been around for more than 20 years taking critical accounts and putting them into a vault to ensure only select individuals could access them securely. Since then, PAM has evolved and now focuses on controlling the access itself which means preventing broad access to specific data and providing insight into who has access, and when an account has been accessed.
Privileged accounts have traditionally been given to administrators to access critical data and applications. However, changing business practices, agile software development, and digital transformation have meant that privileged accounts have become more numerous and widespread. To reduce the risk of privileged accounts being hijacked or fraudulently used, and to uphold stringent regulatory compliance within an organization, an adequate PAM solution is essential.
The critical gap in zero trust [Q&A]


As network boundaries can no longer be relied on to define the limits of cybersecurity, zero trust has become the overarching framework that now guides enterprise security strategies.
However, Zero Trust Network Access (ZTNA) has its limitations, especially in application security, and this can open up risk for organizations heavily reliant on SaaS systems.
Identity and permissions present a major security challenge


The average organization has roughly 1,400 permissions for every employee, according to a new report from Veza.
The findings also show that identity teams face a daunting number of groups and roles to manage. With organizations averaging nearly 700 groups for every 1,000 users, it is difficult for admins to choose the least-privilege groups and roles that will meet the needs of any given employee, contractor, or service account.
95 percent of security professionals worry about identity threats despite confidence in their solutions


A new study of IT and security leaders at 567 US-based enterprises finds over over 95 percent of respondents say they are gravely concerned about identity-related threats.
The report from Omada shows 72 percent say their organization's users have unnecessary access and overly permissive accounts.
Reports of the password's death are greatly exaggerated


We've been hearing predictions surrounding the end of the password for many years, but a new survey of 300 US IT decision makers reveals that 68 percent say passwords aren't dead and 53 percent think they're simply evolving into something new.
The study, conducted by Censuswide for Delinea, is aimed at understanding the future of passwords in the workplace in light of recent traction by other authentication options in consumer technology such as smartphones, personal email accounts, and mobile apps.
Why governments need an effective access management strategy [Q&A]


Governments and data make for a complex relationship. In some cases, agencies are obligated to make information publicly accessible. In others, sensitive data is highly regulated and therefore needs to be protected to keep it out of the public domain.
With key information changing hands internally via various departments and externally via third parties, it's vital that government agencies can access systems and share data securely -- particularly given increases in cyberattacks.
Cyber insurers play harder to get as claims increase


A new survey of over 300 organizations in the US finds that the time and effort to obtain cyber insurance is increasing significantly.
The survey, conducted by Censuswide on behalf of privileged access platform Delinea, looked to uncover new trends and evolving patterns since a similar report last year and finds that the numer of companies using their cyber insurance more than once increased to 47 percent.
Security professionals see a passwordless future drawing closer


We are moving nearer to a passwordless future according to a survey from Delinea carried out at at the 2023 Black Hat USA Conference.
A survey of 100 attendees finds 54 percent say that 'passwordless' is a viable concept while 79 percent agree that passwords are evolving or becoming obsolete.
Why'd you have to go and make PAM so complicated?


Avril Lavigne didn't quite sing that line but she might well have done if she'd worked in IT. More than two-thirds of IT managers (68 percent) say their current privileged access management (PAM) product is too complex or has too many features they don't use.
A new report from Keeper Security also finds that 87 percent of respondents would prefer a pared down form of PAM that is easier to deploy and use.
71 percent of businesses hit with insider attacks from malicious employees


Insider attacks including fraud, sabotage, and data theft, plague nearly three quarters (71 percent) of US businesses, according to Capterra's 2023 Insider Threats Survey.
Perhaps unsurprisingly companies that allow excessive data access are much more likely to report falling victim to insider attacks. However, only 57 percent of companies limit data appropriately while 31 percent allow employees access to more data than necessary and 12 percent allow employees access to all company data.
Complex PAM solutions mean organizations pay for features they don't need


Privileged access management (PAM) solutions are too complex, with 68 percent of organizations paying for features they don't need, according to a new report.
The report from Keeper Security finds 91 percent of organizations employ PAM and 84 percent of global IT leaders say they want to simplify their PAM solutions in 2023.
Breaches, privileged credentials and the SaaS application conundrum [Q&A]


Last year Toyota suffered a data breach due to accidentally exposing a credential allowing access to customer data in a public GitHub repository.
This type of breach could be avoided if organizations turned their focus on credentials that are exposed within SaaS applications. We spoke to Corey O'Connor, director of product at SaaS security platform DoControl, about why he believes identity security needs to go beyond just protecting the keys.
HP uses virtual machine technology to secure sensitive data


Privileged data and credentials are prime targets for attackers. Protecting this information is a challenge, particularly as systems have moved to the cloud and networks have become more diverse.
Larger organizations have often turned to things like privileged access workstations, but that means that access can only be made from a limited number of machines. HP Wolf Security has launched a new Sure Access Enterprise (SAE) product to protect users with rights to access sensitive data, systems, and applications but allow them to use a normal endpoint.
US businesses unprepared for rise in cyberattacks


The average US business faces around three successful cyberattacks each year, and while most agree that attacks are set to increase, 32 percent still lack a management platform for IT secrets, like API keys, database passwords and privileged credentials, posing a significant risk to organizational security.
A new US Cybersecurity Census Report from Keeper Security shows most organizations think they're prepared to fend off cyberattacks, with 64 percent of respondents rating their preparedness at least an eight on a 10-point scale and 28 percent rating themselves as a 10/10.
Recent Headlines
Most Commented Stories
BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.
Regional iGaming Content
© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.