"Despite all the warnings, and constant news of devastating cyberattacks, enterprise users are still cutting corners when it comes to identity and access management (IAM). Nearly two-thirds (63%) of cybersecurity leaders admit their employees continue to bypass security controls so they can work faster, according to new research by security company CyberArk. Furthermore, enterprises are struggling to establish access policies for emerging AI agents and other agentic tools."
"CyberArk surveyed 500 leaders involved in privileged access management (PAM) in identity and infrastructure roles, including DevOps engineers, security managers, cloud security architects, database managers, site reliability and software engineers, and IT support specialists. They report that in their organizations: Just 1% have fully implemented a modern just-in-time (JIT) privileged access model; 91% say at least half of their privileged access is always-on (standard privilege), providing unrestricted, persistent access to sensitive systems; 45% apply the same privileged access controls to human and AI identities; 33% lack clear AI access policies."
"The research also revealed a growing issue with "shadow privilege," accounts and secrets that are unmanaged, unnecessary, and unknown to cybersecurity leaders. CyberArk found that 54% of organizations uncover these types of accounts and secrets every week."
A large number of employees continue to bypass identity and access management controls to work faster, with 63% of cybersecurity leaders reporting such behavior. Organizations are struggling to define access policies for agentic AI and other agentic tools, and 33% lack clear AI access policies. Privileged access remains largely inadequate: only 1% have fully implemented a modern just-in-time privileged access model, while 91% report at least half of privileged access is always-on. Forty-five percent apply the same privileged controls to human and AI identities. A growing "shadow privilege" problem appears, with 54% finding unmanaged accounts and secrets weekly.
Read at Computerworld
Unable to calculate read time
Collection
[
|
...
]