Research from Cerby highlights a troubling trend in identity security: organizations believe they are secure, but most still rely on manual processes rather than automation. Despite the effectiveness of security measures like Multi Factor Authentication (MFA), nearly 89% of companies expect employees to enable it manually, leading to vulnerabilities. Additionally, 59% of IT teams still manage user provisioning and deprovisioning manually, exposing organizations to potential unauthorized access. The pervasive human error in these processes underscores the urgent need for automation to strengthen identity security and minimize risks.
For many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights from over 500 IT and security leaders, reveals a different reality: too much still depends on people-not systems-to function.
Human error remains one of the biggest threats to enterprise security. Verizon's 2025 Data Breach report found that the human element was involved in 60% of breaches. The same manual missteps that led to breaches a decade ago still expose identity systems today.
41% of end users still share or update passwords manually, using insecure methods like spreadsheets, emails, or chat tools. They are rarely updated or monitored, increasing the likelihood of credential misuse or compromise.
Nearly 89% of organizations rely on users to manually enable MFA in applications, despite MFA being one of the most effective security controls. Without enforcement, protection becomes optional, and attackers know how to exploit that inconsistency.
Collection
[
|
...
]