Ponemon Institute
Sign Up for the Ponemon News Feed for special reports and important updates regarding privacy and security

News & Updates

Ponemon Institute is pleased to announce the release of Flipping the Economics of Attacks, sponsored by Palo Alto Networks. In this study, we look at the relationships between the time spent and compensation of today’s adversaries and how organizations can thwart attacks. As revealed in this research, while some attackers may be motivated by non-pecuniary reasons, such as those that are geopolitical or reputational, an average of 69 percent of respondents say they are in it for the money.


New Research on Privileged Access Management Reveals the Status Quo Is Not Secure

October 11, 2019, 9:00 am

Ponemon Institute is pleased to announce the release of a new study that presents four years of research on how elevated access to high-value information assets can be a serious risk to organizations when not properly secured. Sponsored by Sila Solutions Group, the 659 respondents we surveyed self-reported that they have privileged access to IT resources and 77 percent of these respondents have access to at least three IT resources with 40 percent holding privileged access to six or more IT resources.

The key takeaway from this research is that the status quo in privileged access management programs is not decreasing the risk to critical information resources. In fact, 56 percent of respondents expect privileged user abuse to increase in the next 12 to 24 months, a significant increase from 44 percent of respondents in the 2011 research. Following are problems organizations face when trying to mitigate the risk:

  • Employees or contractors often access sensitive or confidential data without a business need and sometimes share their access credential with others in the organization.
  • Organizations don’t have a unified view of privileged user access across the enterprise.
  • A lack of resources, in-house expertise and in-house technologies are challenges to improving the efficiency and security of access governance process. Specifically, organizations are struggling to keep pace with the number of access change requests and to reduce burdensome processes for business users requesting access.
  • Too much reliance on manual processes for granting privileged user access and reviewing and certifying privileged user access hinders organizations’ abilities to meet growing requests for access changes.

According to the research, business and IT leaders need to look beyond simple tool integration and a check-the-box mentality. To learn more about how to address the challenge of achieving a more secure privileged access management the full report is available for download.

Warmest regards,

Dr. Larry Ponemon

Security (23)
Privacy (22)
global security (1)
Providers (1)