• 76% of respondents said their organisations store sensitive data such as emails, salary info, IP, customer or HR data in the cloud
  • Yet, detecting malicious actors in real-time is still a struggle (26%), as is spotting an insider attack (23%), and real time attack prevention e.g. terminating the connection (14%).
  • Nearly 30% have found GDPR ineffective or that data breaches of personal details seem to have gotten worse
  • One third of cyberattacks are a result of unanticipated, not-yet-known hacking methods

LONDON, UK – 5 September, 2019: One Identity, a proven leader in helping organisations get Identity and Access Management (IAM) right, today announced the results of a survey of over 300 security professionals. The results indicated that while the majority of organisations store sensitive data, such as emails, salary and compensation details, intellectual property and customer data in the cloud (76%), they still struggle with detecting a breach, with two-thirds confessing that it would take an hour or longer to spot a hijacked account, if at all.

Worryingly, the real time detection of malicious actors within the system is difficult for more than a quarter of organisations (26%), which together with spotting an insider attack (24%) were recognised as the most challenging aspects of dealing with a cyberattack.

Nearly all breaches involve a malicious actor escalating privileges or with an insider abusing their access permissions. I was surprised to find out that – knowing where an attack will likely come from – so many respondents admitted to being unprepared,” said Todd Peterson, IAM evangelist at One Identity.

This poses a concern especially in light of the European General Data Protection Regulation (GDPR), which is now over a year old, and stipulates that data breaches must be reported within 48 hours of the breach discovery. However, the time to discovery is more likely to be months – according to the latest Data Breach Investigation Report created by Verizon. The study also found that GDPR is a very divisive topic among security professionals, indicating that nearly a third of respondents (30%) think that GDPR regulations were either ineffective or that data breaches seemed to have gotten worse.

Shedding some light on the findings, Peterson explained:

“GDPR was never meant to protect the data against hacks, and the feeling that data breaches have increased since its introduction is probably due to the fact that many data leaks that would otherwise go unnoticed now need to be reported to the relevant regulatory bodies.”

“What GDPR did do, however, was make people more conscious about data and privacy, and made companies think about the importance of knowing who can – and tracking who does – access databases of sensitive information. This study proves that there is still work to be done on educating the industry, particularly around equating compliance to security,” he concluded.

About the One Identity Info Security Europe survey

The One Identity Info Security Europe study consisted of an online survey conducted by One Identity representatives with conference attendees at the exhibit hall on the Nuvias stand, its value added distributor, in London’s Olympia conference centre from at the 4-6 June 2019.Three hundred individuals participated in the study. One Identity offers a free online data report on its website, here.

About One Identity

One Identity, a Quest Software business, helps organizations get identity and access management (IAM) right. With a unique combination of offerings including a portfolio of identity governance, access management and privileged management, and identity as a service that help organizations reach their full potential, unimpeded by security yet safeguarded against threats. One Identity has proven to be a company unequalled in its commitment to its customers’ long-term IAM success. More than 7,500 customers worldwide depend on One Identity solutions to manage more than 125 million identities, enhancing their agility and efficiency while securing access to their data -- wherever it might reside. For more information, visit http://www.oneidentity.com.

Media contacts

Andrea Ipolyi
One Identity Global PR
+36 1 398 6700

Beth Smith
Eskenzi PR
0207 183 2843

Related Content