Ponemon Institute
Sign Up for the Ponemon News Feed for special reports and important updates regarding privacy and security

News & Updates

Ponemon Institute is pleased to announce the release of Flipping the Economics of Attacks, sponsored by Palo Alto Networks. In this study, we look at the relationships between the time spent and compensation of today’s adversaries and how organizations can thwart attacks. As revealed in this research, while some attackers may be motivated by non-pecuniary reasons, such as those that are geopolitical or reputational, an average of 69 percent of respondents say they are in it for the money.


What are the 12 global trends in identity governance and access management?

October 25, 2016, 9:00 am

Ponemon Institute is pleased to present the findings of Global Trends in Identity Governance & Access Management, sponsored by Micro Focus. The purpose of this study is to understand companies’ ability to protect access to sensitive and confidential information and what they believe is necessary to improve the protection. All participants in this study are involved in providing end users access to information resources in their organizations. Some of the trends discussed in the report are:

  1. Employees are frustrated with access rights processes, and IT security is considered a bottleneck.
  2. Responding to requests for access is considered slow.
  3. Control over access management is decentralized.
  4. Certain technologies are considered an important part of meeting identity governance and access management requirements.
  5. A single-factor authentication approach is no longer effective.
  6. Integration of machine learning within identity governance solutions is critical (64 percent of respondents).
  7. The most difficult access policies to implement are those for enforcing access policies in a consistent fashion across all information resources in the organization.
  8. End users have more access than they should.
  9. Migration to Mobile First and mobile platforms has affected access management approaches.
  10. New threats created by disruptive technologies will reduce organizations’ ability to mitigate governance and access management risks.
  11. The ability to manage access in the Internet of Things (IoT) is a concern.
  12. Effective identity governance and access management across the enterprise is achievable.

We hope you will read our latest report on this topic.


Dr. Larry Ponemon 


June 9, 2017 12:05pm

Great report Dr. Ponemon, thank you.

What are your thoughts on ISO v27002 vs the current NIST CSF?

Security (23)
Privacy (22)
global security (1)
Providers (1)