Difference between knowing about access risk and ability to fix it

97% aware of risk created by misused or stolen credentials, but only 29% confident of organisation’s ability to detect improper access.

  • 9 years ago Posted in

Call it the Data Breach Disconnect. A recent survey of IT security executives conducted by Courion®, a market-leading provider of intelligent identity and access management (IAM) solutions, reveals that while IT security executives understand the risk factors that lead to a data breach, their own organisations’ may not be able to effectively remediate those access risks.


For example, 72 percent were certain their organisation enforces a “least privilege” policy where employees only have access to what is needed to perform their daily duties, but 43 percent admit their organisation is unaware when access privileges are increased or when access behaviour departs from the norm. And an overwhelming majority, or 97 percent, acknowledge that misused or stolen access credentials provide a network entry point for hackers, but only 29 percent are confident that their organisation is able to detect improper access.


“IT security executives are under tremendous pressure to provide open access to stakeholders while at the same time controlling access risks in the face of constant attacks,” said Kurt Johnson, Vice President of Corporate Strategy for Courion. “Beyond perimeter defence, effective identity and access management is the answer to minimising the likelihood or impact of a data breach, and IAM is made much easier with the diagnostic capabilities of identity analytics and intelligence.”


Evidence of the need for a more intelligent approach to IAM is demonstrated by the fact that 43 percent of respondents know someone whose organisation has suffered a data breach in the last six months, and 84 percent agree that it is not whether your organisation will be breached, but rather, what you are able to do to reduce the damage of a breach.


With an identity and access intelligence solution, like Access Insight™, organisations can quickly and easily uncover access vulnerabilities, such as excess privileged access, users with entitlements gained through nested and inherited access rights, or orphaned accounts that need administrative oversight. Access Insight can be used with any leading Identity Governance and Administration (IGA) solution to reduce access risk and improve ongoing IAM operations.

Talent and training partner, mthree, which supports major global tech, banking, and business...
On average, only 48% of digital initiatives meet or exceed business outcome targets, according to...
GPUaaS provides customers on-demand access to powerful accelerated resources for AI, machine...
TMF Group, a leading provider of critical administrative services for global businesses, turned to...
Strengthening its cloud credentials as part of its mission to champion the broader UK tech sector...
Nearly all UK IT managers surveyed (98%) state cloud investment is an organisational priority for...
LetsGetChecked is a global healthcare solutions company that provides the tools to manage health...
Node4 to the rescue.