Identity management was analyzed in a recent report by Anetac. The report reveals trends in machine identity vulnerabilities, covering service accounts, APIs and tokens as well as human accounts, that leave organizations vulnerable to potential cyberattacks. The most common critical issues stem from a lack of visibility into and oversight of service accounts.

Key findings include:

  • Visibility epidemic: 44% of IT security professionals rely on manual logging for service account visibility, while 10% admit to no visibility measures at all. Meanwhile, 47% depend on static tools, potentially missing real-time security threats.
  • Hybrid account misuse: 75% of organizations report the dangerous practice of using service accounts as human accounts or vice versa, blurring the lines between automated processes and individual user actions. Hybrid account misuse happens both on-premises and in the cloud.
  • Company assets at risk: A significant 76% of IT security professionals acknowledged that their service accounts have direct access to the company's crown jewels — the most critical and sensitive assets. However, 40% reported that only 0-14% of their service accounts have such high-level access.
  • Prolonged password rotation cycles: Fifty-three percent of security professionals take 13 weeks or more to rotate service account passwords, with 35% extending this period to 16 weeks or beyond. Even more concerning, 3% of respondents admit to rotating these critical passwords only once every 1-5 years.

Lack of visibility in identity management, hybrid account misuse, and poor cyber hygiene have always posed challenges in cybersecurity, but AI has significantly raised the stakes. Organizations can no longer rely solely on their teams without modern, up-to-date tools.