The Authorization Status of Identity Safety 2024: An Upheaval in Identity Protection Is Approaching
Identity protection takes center stage given the recent security breaches involving companies like Microsoft, Okta, Cloudflare, and Snowflake, among others. Enterprises are beginning to recognize the necessity for a significant change in how we address identity protection from both a strategic and technological perspective.
Identity safety surpasses mere access provisioning
The traditional view of identity protection as mainly a matter of granting and revoking access for applications and services, often done haphazardly, is no longer adequate. This was a prevalent theme in the Permiso Security State of Identity Safety Report (2024), which indicates that despite increasing confidence in identifying security risks, nearly half of organizations (45%) still express “concern” or “extreme concern” about their current tools’ ability to identify and protect against identity security breaches.
The survey, commissioned by Permiso and conducted during the summer, polled over 500 IT security and risk professionals with direct control or influence over security and risk decisions. It revealed that despite increased investments, maturity, and confidence in cyber risk control measures, organizations remain wary in the face of advancing identity threats.
Notable findings include:
- Software as a Service (SaaS) is perceived as the most precarious environment.
- 93% of organizations claim to be able to catalog identities across all platforms and track keys, tokens, certificates, and any alterations made to any platform.
- 85% can identify “who is performing what” across dispersed authentication boundaries.
- 45% are either “concerned” or “extremely concerned” about their current tools’ ability to identify and thwart identity security threats.
- 45% experienced an identity security incident in the previous year, with impersonation attacks being the primary threat vector.
Can unapproved identities be pinpointed?
Although 86% of organizations believe they can recognize their riskiest identities (human and non-human), nearly half (45%) fell victim to an identity security incident in the last year, with impersonation attacks being the predominant threat vector, indicating that socially engineered attacks persist as a pervasive danger to organizations.
Concerning repercussions for those affected by breaches, the focus on sensitive information like personally identifiable information (PII) and intellectual property (IP) was the top priority for 54% of breached entities. Additionally, 46% of organizations reported that threat actors escalated privileges, and 45% reported that they targeted supply chains on both the vendor and customer sides.
Human identities pose a vulnerable target
An intriguing discovery was that human identities are perceived as the riskiest, with employees ranking at the top. In contrast to widespread industry promotion, non-human identities (e.g., API keys, OAuth tokens, service accounts) are viewed as less risky compared to their human counterparts.
Identity protection is compartmentalized
There is a lack of clarity about what identity safety responsibilities entail in the current hybrid and multi-cloud landscape. Although organizations use an average of 2.5 public clouds, the IT team (56%) was singled out as primarily accountable for ensuring organizational identity protection across these environments. This might suggest that identity is still predominantly viewed as limited to access provisioning and deprovisioning. Jason Martin, Co-CEO and Co-Founder of Permiso, explains the finding this way: “identity security has traditionally fallen within the general remit of IT responsibilities, who are tasked with overseeing IT systems, which includes granting access and safeguarding identities. In only a minority of organizations do we see the security department playing a primary role.”
Security budgets are directed towards safeguarding identities
Security budgets seem to be divided into compartments, with SaaS (87%) and IaaS (81%) environments receiving the majority of security investment compared to all environments (46%). In terms of tools, the IaaS layer (66%) has been the primary focus with a mix of cloud native security tools like AWS GuardDuty and CNAPP solutions being utilized.
While organizations exhibit a level of awareness regarding the cybersecurity threats they face, there is room for improvement in detecting and responding to identity threats promptly. Notably, the ability to recognize and prevent credential compromise, account takeover, and insider threats was identified as the most significant concern for organizations.
Advancing towards comprehensive identity security
The responsibility falls on all of us (vendors, organizations, and the wider security community) to rethink what is required from a people, process, and technology perspective to safeguard against the increasing risk posed by human and non-human identities. In this context, we must transform identity security from simply managing access to applications and services into a strategic business catalyst.
Permiso Security was established to tackle this challenge, making unified identity security for all identities in every setting a reality.
Access the full report here: https://hero.permiso.io/state-of-identity-security-survey-report-2024