Inaugural Identity Risk Research Report Discovers Identity Risks in All Organisations;
NEW YORK and TEL AVIV, Israel: Illusive has announced the publication of Analyzing Identity Risks (AIR) 2022, a cybersecurity research report that examines the unmanaged, misconfigured and exposed identity risks that leave all organisations vulnerable to attack, despite the deployment of privileged account management (PAM), multi-factor authentication (MFA) and other identity and access management (IAM) solutions. Illusive has witnessed these blind spots firsthand while working with numerous security teams in the financial services, healthcare, and retail sectors to produce this report.
The company also announced the launch of Illusive SpotlightTM and Illusive ShadowTM, its patented identity risk management platform that enables organisations to automatically and continuously discover, mitigate and protect against identity risks.
According to Gartner®, “Many breaches are caused by security and identity tools that have been misconfigured, not fully configured or whose configurations are out of date.”1
Exploitable identity risks enable attackers to gain initial access, establish their persistence on a network, elevate their privileges, evade defenses, and accelerate their lateral movement until they have taken complete control.
Analyzing Identity Risks (AIR) 2022 includes quantitative insights into unmanaged, misconfigured and exposed identity risks, as well as real-world examples of how these identity risks manifest themselves. Key findings include:
- Unmanaged Identity Risks – 87% of local admins were not enrolled in PAM solutions, such as Microsoft’s Local Administrator Password Solution (LAPS).
- Misconfigured Identity Risks – 40% of shadow admins (i.e., misconfigured users with unintended privileges) can be easily exploited – if an attacker compromised one of these misconfigured identities, they would only need one entitlement, such as resetting the password of a domain admin, to elevate their privileges to a Domain Admin.
- Exposed Identity Risks – More than 1 in 10 (13%) endpoints contain privileged account passwords that have been left exposed (e.g., cached credentials). This is the digital equivalent of leaving your username and password written on a sticky note, and there are a variety of tools that attackers utilize to dump these privileged credentials so that they can be exploited.
“As ransomware attacks reach record-breaking levels, the complexity of managing Active Directory and the limitations of existing identity and access management solutions have created an identity security gap that attackers easily exploit,” said Ofer Israeli, CEO & Founder, Illusive. “And it isn’t just a gap – it’s a major blindspot – this research is proof that organisations lack visibility into the identity risks that leave them vulnerable to an attack.”