A survey of over 2,100 technology and cyber security managers globally shows that 60% of them cannot work on their cyber security strategy. According to them, this strategy is not in line with the current state of cyber threats, so they say they are lagging (20%), stable (13%), or simply “on the run” to keep up (27%) new With security solutions.
Specifically, the study by Delinia in more than 20 countries, including Spain, aimed to explore the attitudes of those responsible for cybersecurity toward the protection and security of privileged identities.
The difference between the effectiveness of their strategy and the perception of those responsible for safety in relation to the actual effectiveness is one of the aspects addressed by the study. 40% of respondents believe they are following the right strategy, with 84% of companies saying they have experienced an identity-related breach or stolen credential attack in the past year and a half.
Compared to other countries, Spanish respondents appear to be more confident in their security strategies, with 50% saying they are continually adapting their security solutions to cover new threats, and only 5% feeling that They are falling behind.
One of the main findings of the study is that 87 percent of those surveyed confirmed that protecting identity would be a priority over the next 12 months. But at the same time, three-quarters (75%) of IT and security managers also believe they will not be able to protect privileged identities because they will not get the support they need. This is largely due to budget and executive misalignment, with 63% of respondents saying that their company’s leadership still does not understand the role of identity security in enabling better business operations.
Research shows that companies have a long way to go when it comes to protecting privileged identities and access. And it is that less than half of the organizations surveyed have implemented consistent security policies and procedures for managing privileged access. And 52% allow privileged users to access sensitive systems and data without the need for multi-factor authentication.
The report also highlights another “dangerous oversight” of organizations: privileged identities include human (such as local and domain administrators) and non-human, such as service accounts, applications, code, and other types of machine identities. Those who add and share privileged information automatically. Yet only 44% of organizations manage and protect machine identities.
Source: Five Days