A cybersecurity survey of 262 IT executives by SailPoint showed an impressive number: all respondents (100%) confirmed that their organizations had a security compromise in the 12 months prior to the survey. Of this total, 32% stated that one million or more digital identities were stolen. In addition, 71% of respondents said that compromised identities led to unauthorized access to data that should have been deleted or destroyed.
Of the 262 technology professionals interviewed about identity-based cybersecurity incidents, 40% serve as IT managers or directors and 29% as security managers or directors. The rest is divided into categories related to security and IT.
The sectors represented in the respondent pool are equally diverse. The top five sectors represented are computer manufacturing (hardware, software, peripherals), computer and network services / consulting, information technology (the description for “others”), application / internet service provider and data processing services . Bank and retail tied for sixth place.
34% of respondents work for large companies (more than 10,000 employees), with 21% working for companies with more than 50,000 employees and 66% of respondents work for medium-sized companies. Companies with fewer than 500 employees were not considered for the survey.
Other findings:
- 75% of respondents said that compromising identities was facilitated by access with excessive rights or permission;
- 83% said the compromise allowed unauthorized access to digital identity information, including that of employees, partners, contractors and customers;
- 66% of respondents said that digital identities that were supposed to be inactive were compromised during the security incident.
“Clearly, the pivot toward cloud adoption and quick access to critical applications and systems in the past year has accelerated the pace of business. This has generally been great for business, but there is a downside to the rapid adoption of the technology. The results of this study confirmed what many of us have observed anecdotally for years, ”commented Grady Summers, SailPoint’s VP of product. “A good security program starts by protecting identities. We make it easy for attackers when identities are left active months after users leave the organization or when an identity has far more privileges than necessary to get the job done. The results of the research are fascinating because they clearly show how organizations can limit the radius of an attack by focusing on identity security. “
See the original post at: https://www.cisoadvisor.com.br/32-das-empresas-sofreram-roubo-de-identidades-digitais/?rand=59039
