A new report released today by GuidePoint Security, in partnership with the Ponemon Institute, found that most organizations are falling short in their Identity and Access Management (IAM) strategy—leaving them vulnerable to identity-based threats.
Although 75% of cyberattacks leveraged identity-based threats last year, GuidePoint Security’s State of Identity and Access Management (IAM) Maturity Report has unveiled that IAM remains under-prioritized compared to other IT security investments, with most organizations still in the early to mid-stages of IAM maturity. Only half of respondents rate their IAM tools as effective, and even fewer (44%) express high confidence in their ability to prevent identity-based incidents.
The report also highlights significant gaps in IAM technology, expertise and resources—factors that are stalling programmatic maturity and making it more difficult for organizations to secure identities across today’s complex environments.
Key findings from The State of Identity and Access Management (IAM) Maturity Report include:
- IAM is underfunded and underdeveloped. Only 50% of respondents believe their IAM tools and investments are effective. Investments in IAM trail behind other security priorities.
- Manual processes and expertise gaps are barriers to maturity. A lack of appropriate technologies (54%), in-house expertise (52%) and resources (45%) are cited as top challenges to achieving IAM maturity. Many organizations still rely on spreadsheets, scripts and other manual efforts.
- IAM maturity is a path to enhanced security. A small group (23%) of organizations that have invested in automation and advanced IAM technologies report fewer security incidents and stronger identity controls. They lead in adopting biometric authentication, identity threat detection and integrated governance platforms.
- IAM implementation is misaligned with security goals. Surprisingly, 45% of respondents say the primary driver for IAM investments is to improve user experience—not security.
- There is a disconnect in program perception and reality. While most organizations report having policies in place or in development (83%), only 28% have these policies integrated into their IAM platforms.
The State of Identity and Access Management Maturity Report is based on responses from a comprehensive survey of 625 U.S.-based IT and IT security professionals involved in their organizations’ identity and access management program.
Click here to download The State of Identity and Access Management (IAM) Maturity, 2025
Like this:
Like Loading...
Related
This entry was posted on May 29, 2025 at 7:37 am and is filed under Commentary with tags GuidePoint. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
IAM Maturity Lagging Across Most Organizations, GuidePoint Security Finds
A new report released today by GuidePoint Security, in partnership with the Ponemon Institute, found that most organizations are falling short in their Identity and Access Management (IAM) strategy—leaving them vulnerable to identity-based threats.
Although 75% of cyberattacks leveraged identity-based threats last year, GuidePoint Security’s State of Identity and Access Management (IAM) Maturity Report has unveiled that IAM remains under-prioritized compared to other IT security investments, with most organizations still in the early to mid-stages of IAM maturity. Only half of respondents rate their IAM tools as effective, and even fewer (44%) express high confidence in their ability to prevent identity-based incidents.
The report also highlights significant gaps in IAM technology, expertise and resources—factors that are stalling programmatic maturity and making it more difficult for organizations to secure identities across today’s complex environments.
Key findings from The State of Identity and Access Management (IAM) Maturity Report include:
The State of Identity and Access Management Maturity Report is based on responses from a comprehensive survey of 625 U.S.-based IT and IT security professionals involved in their organizations’ identity and access management program.
Click here to download The State of Identity and Access Management (IAM) Maturity, 2025
Share this:
Like this:
Related
This entry was posted on May 29, 2025 at 7:37 am and is filed under Commentary with tags GuidePoint. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.