We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 - 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!
Today, identity governance solution provider Saviynt released its State of Enterprise Identity research report, a study of over 1,000 IT and IT security practitioners across the United States and EMEA to examine how enterprises are responding to the onslaught of identity-based attacks.
The research finds that while 56% of enterprises averaged three identity-related data breaches in the last two years, only 16% have fully mature identity and access management (IAM) programs. This is the case even though 52% recognize that a past breach was due to lack of comprehensive identity controls or policies.
Despite this, many organizations admitted the limitations of current IAM approaches. For instance, only 35% in the Saviynt study admitted they have high confidence in achieving visibility of privileged user access.
The mandate for IAM
Over the past few years, IAM has become a must-have, mainly due to the fact that identity-based attacks were pinpointed as the top cyberthreat of 2021, which these solutions can prevent by gatekeeping unauthorized users from critical data assets.
Despite this, many organizations openly admitted the limitations of current IAM approaches.
For instance, only 35% in the Saviynt study say they have high confidence in achieving visibility of privileged-user access. And 61% of respondents said that they couldn’t keep up with changes occurring to their IT resources.
It gets worse: 46% admitted that their business failed to comply with regulations due to access-related issues. Across the board there was a general lack of a complete IAM strategy.
“We’ve found that most enterprise IAM programs have not achieved maturity, leaving companies struggling to reduce identity and access-related risks,” said chief strategy officer of Saviynt, Jeff Margolies.
“Our research findings should serve as a wake-up call to C-level executives and security leaders: The absence of a modern IAM program fuels the risk of rising identity and access-related attacks and their financial consequences,” Margolies said.
The IAM market
As identity-based attacks have become a bigger threat, the global IAM market is also growing considerably, with researchers valuing the market at $12.26 billion in 2020, projected to reach a value of $34.52 billion in 2028 as cloud adoption has increased to the point where enterprises need to be much more effective at verifying digital identities.
Many providers have focused IAM as one of the key solutions for securing the modern enterprise IT estate, with Okta and Okta Identity Cloud standing as one of the main competitors in the market.
Okta Identity Cloud is a zero-trust access management solution with single sign-on (SSO) and adaptive multifactor authentication so that employees can securely access the data they need. Okta recently announced that fiscal year 2022 revenue totaled $1.3 billion.
Another key competitor in the market is JumpCloud, which offers a unified device and identity access management platform, linking devices’ identities and access to a single platform that acts as a secure directory for users, with SSO and user lifecycle management capabilities.
Last year JumpCloud raised $159 million and achieved a $2.56 billion valuation.
For enterprises that are falling behind in IAM, the good news is that there are numerous providers investing to make the process as user-friendly as possible so authorized users can log in without being overwhelmed by authentication mechanisms.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.