Identity is the most important security capability that every organization must get right. The expansion of workloads into the cloud and widespread adoption of SaaS solutions, coupled with the growing sophistication of cybersecurity attacks utilizing advanced techniques and AI, has rendered traditional network perimeter-based security ineffective. With 90% of organizations experiencing an identity-related incident in the last year, identity security programs are the critical line of defense against mitigating potentially existential threats to the business.
As companies started evaluating their horizon maturities, we also realized there was more to this story, including:
- Timelines to scale and typical barriers: Organizations at the beginning of their identity journeys are eager to learn more about (1) the barriers their peers face and what those journeys have looked like and (2) how they can accelerate their own maturity journey to deliver faster value at a lower cost.
- Comprehensiveness of capability coverage: Many of the mature organizations we spoke to felt that they had strong identity security programs due to the fact that they have invested in developing advanced capabilities such as AI-driven provisioning. However, many didn’t realize just how few of the identities, data, apps, and infrastructure in their environment were actually governed by those capabilities – resulting in unexpected risk exposure and missed value opportunity.
In this report, we took our analysis further by exploring the identity-related capabilities companies are investing in, the coverage of those capabilities, timelines to scale, and typical barriers faced (and how to overcome them).