Privileged credential abuse involved in 74% of data breaches, says study

Cybercriminals are continuing to target low-hanging fruit; according to a new study from Centrify, the security and identify firm, while 74% of data breaches involved privileged credential abuse, identity and access management resources are severely lacking among enterprises. The survey of 1,000 IT decision makers, 500 from the U.K. and 500 from the U.S., found that 52% of respondents do not have a password vault; while 63% indicate their companies usually take more than one day to shut off privileged access for employees who leave the company. Furthermore, 44% of UK IT decision makers didn’t know what privileged access management is. “What’s alarming is that most organisations aren’t taking the most basic steps to reduce their risk of being breached,” said Tim Steinkopf, CEO of Centrify. According to the survey, UK respondents are behind their US counterparts when it comes to managing privileged access. This affects their confidence in the ability to secure their organisations, as only 36% of UK respondents are “very confident” in their company’s current IT security software compared to 65% of US respondents.