Difference between knowing about access risk and ability to fix it

97% aware of risk created by misused or stolen credentials, but only 29% confident of organisation’s ability to detect improper access.

  • 10 years ago Posted in

Call it the Data Breach Disconnect. A recent survey of IT security executives conducted by Courion®, a market-leading provider of intelligent identity and access management (IAM) solutions, reveals that while IT security executives understand the risk factors that lead to a data breach, their own organisations’ may not be able to effectively remediate those access risks.


For example, 72 percent were certain their organisation enforces a “least privilege” policy where employees only have access to what is needed to perform their daily duties, but 43 percent admit their organisation is unaware when access privileges are increased or when access behaviour departs from the norm. And an overwhelming majority, or 97 percent, acknowledge that misused or stolen access credentials provide a network entry point for hackers, but only 29 percent are confident that their organisation is able to detect improper access.


“IT security executives are under tremendous pressure to provide open access to stakeholders while at the same time controlling access risks in the face of constant attacks,” said Kurt Johnson, Vice President of Corporate Strategy for Courion. “Beyond perimeter defence, effective identity and access management is the answer to minimising the likelihood or impact of a data breach, and IAM is made much easier with the diagnostic capabilities of identity analytics and intelligence.”


Evidence of the need for a more intelligent approach to IAM is demonstrated by the fact that 43 percent of respondents know someone whose organisation has suffered a data breach in the last six months, and 84 percent agree that it is not whether your organisation will be breached, but rather, what you are able to do to reduce the damage of a breach.


With an identity and access intelligence solution, like Access Insight™, organisations can quickly and easily uncover access vulnerabilities, such as excess privileged access, users with entitlements gained through nested and inherited access rights, or orphaned accounts that need administrative oversight. Access Insight can be used with any leading Identity Governance and Administration (IGA) solution to reduce access risk and improve ongoing IAM operations.

New state-of-the-art data centre features Vultr’s first AMD GPU supercompute cluster.
Only a quarter (25%) think their approach to the cloud is carefully considered and successful.
Moving to AWS Cloud will enable The Co-operative Bank to adopt cutting edge IT Infrastructure.
The global airline group will upgrade the value of its data and get its AI & generative AI ready...
Barracuda Networks’s award-winning Email Protection and Cloud Backup security solutions will be...
Leading company in renewables to leverage HPE’s unique turnkey AI infrastructure solution to...
The four-year project extension focuses on cloud transformation and enhanced operational efficiency...
Businesses in the UK are risking slower development as they fail to fully embrace technologies that...