Published: 22 January 2024
Summary
Identity and access management is a foundational, yet complex, component of every cybersecurity program. To enable digital business outcomes, cybersecurity leaders must move beyond compliance-based IAM and fully integrate IAM into the cybersecurity strategy.
Included in Full Research
Overview
Key Findings
CISOs often do not seethe identity and access management (IAM) function as a program, leading to a siloed approach that casts IAM as a purely operational activity.
CISOs often lack comprehension of the IAM program and fail to align it with the security initiatives in the prioritization and planning of projects and initiatives.
IAM metrics are often performance-oriented, technical and inward-looking, and lack business context that is useful for CISOs and C-level executives.
Credential compromise is the leading cause of breaches, yet traditional security controls often don’t include IAM-specific use cases.
The broad adoption of cloud services, digital supply chains and
Clients can log in to view the entire
document.