Virtualization Technology News and Information
Article
RSS
Half of Enterprises Surveyed Have Experienced a Security Breach Due to Unmanaged Non-Human Identities, According to AppViewX Report

AppViewX announced the release of a new report titled, Securing Non-Human Identities: Insights for an Effective Cybersecurity Program. Conducted in partnership with TechTarget's Enterprise Strategy Group (ESG), the report surveyed 367 IT, cybersecurity, and DevOps professionals to assess the growing volume and risks associated with non-human identities (NHIs) in modern IT environments.

The research exposes the security threats associated with NHIs, which include machine identities, digital certificates, API cloud keys, service accounts, and other automated systems. According to the report, NHIs outnumber human identities by a factor of 20, yet nearly one in five are inadequately protected. The study also found that 66 percent of enterprises have experienced a successful cyberattack resulting from compromised NHIs. Additionally, 57 percent of the episodes where organizations suffering a successful attack tied to NHI compromises got Board of Directors attention.

"Non-human identities represent one of the most significant attack surfaces within today's enterprises," said Todd Thiemann, Senior Analyst at ESG. "Without proper management and security controls, NHIs can lead to costly data breaches, operational disruptions, and compliance failures. This report provides valuable insight into the current NHI landscape, how organizations are addressing risks, and their intentions for ensuring continuous security as their NHI volume grows."

Key Findings from the Report Include:

  • NHI Proliferation: Organizations now manage 20 times more non-human identities than human ones, with more than 50% expecting this number to increase by over 20% in the next year.
  • Compromise Incidents: Nearly 46% of organizations have experienced breaches related to non-human identities, with the average enterprise suffering 2.7 incidents in the past year.
  • Visibility and Lifecycle Challenges: A significant portion of respondents reported poor visibility into their NHI environment, with many lacking confidence in their ability to secure and manage these identities effectively.
  • Increased Investment in Security: Over 80% of organizations expect to increase spending on non-human identity security, with a focus on identity threat detection, certificate lifecycle management, and workload access control.

"The complexity of modern cloud environments makes managing non-human identities manually unfeasible, even for smaller organizations. Meanwhile, digital transformation, AI and cloud-first initiatives are pushing the population of these digital identities to near exponential growth," said Gregory Webb, Chief Executive Officer at AppViewX. "Automated certificate lifecycle management and crypto-agility are key to avoiding security lapses, preventing costly outages and reducing exposure to cyber threats. This report underscores both the scale and severity of the problem."

Availability

The full Securing Non-Human Identities report is available for download on the AppViewX website at www.appviewx.com/NHI-report.

Published Monday, September 30, 2024 1:51 PM by David Marshall
Filed under: ,
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<September 2024>
SuMoTuWeThFrSa
25262728293031
1234567
891011121314
15161718192021
22232425262728
293012345