SailPoint Technologies has released its third-annual “Horizons of Identity Security” report, emphasizing the growing importance of advanced identity security for organizations worldwide. The 2024-2025 report, based on data from 350 global cybersecurity leaders, highlights how mature identity security practices deliver outsized returns on investment by reducing cyber risk, boosting productivity, and unlocking business value.
A key theme from the report is that organizations with mature identity security practices can “bend the identity security-to-value curve,” achieving compounding benefits that far exceed the linear returns typically seen from other cybersecurity investments. This finding is particularly significant as businesses face increasingly sophisticated cyber threats, tightening budgets, and the growing complexity of managing digital identities, particularly non-human machine identities, projected to increase by 30% over the next five years.
Impact on Cyber Insurance Premiums
One of the more pressing issues highlighted in the report is the role of identity security in managing rising cyber insurance premiums. According to the survey, 92% of respondents reported that insurers are now rigorously assessing cyber capabilities, including identity security, before setting premiums. With the growing frequency and sophistication of cyberattacks, insurance providers are adjusting their risk assessments accordingly, often raising premiums. However, organizations with mature identity security programs can mitigate these premium hikes by demonstrating robust identity management capabilities.
The report found that more than 70% of identity security decision-makers believe that identity security is one of the top three most impactful capabilities influencing insurance premiums, with a quarter naming it as the most critical factor. This suggests that investing in identity security can help organizations reduce cyber risk and control insurance costs.
Our further takeaways follow; you can get the whole report here.
Machine Identities: A Growing Challenge
A significant finding in the report is the increasing importance of machine identities, which include bots, AI models, and other non-human entities that require digital access to systems and data. Machine identities now represent over 40% of all identities in many organizations, and this figure is expected to grow. With this rapid expansion, organizations that fail to extend identity security measures to these non-human identities risk leaving significant vulnerabilities in their cyber defenses.
Mature organizations are better positioned to manage this shift. The report highlights that those in the advanced stages of their identity security journey have 87% more coverage of machine identities compared to less mature organizations, which translates into better protection against the growing risks associated with machine-driven processes.
AI-Powered Solutions
Another crucial trend identified in the report is the growing adoption of AI-powered identity security solutions. Organizations that have reached higher identity security maturity are 1.7 times more likely to use AI in their identity management practices. These AI-driven solutions allow businesses to scale their identity security operations efficiently, improving productivity and reducing costs.
For instance, AI-powered automation can streamline processes such as user onboarding, access reviews, and role assignments, freeing up valuable time and resources. Organizations in the report that have embraced AI in their identity security practices report faster time-to-market for digital initiatives and improved overall business performance.
Third-Party and Non-Human Identity Management
The report also highlights that organizations with advanced identity security practices are better at managing third-party and non-human identities. These organizations have 50% more coverage of third-party identities, which is critical in today’s interconnected digital ecosystems where businesses rely heavily on external vendors and service providers. The increased coverage reduces the risk of third-party breaches, which have become a growing concern in cybersecurity.
In contrast, organizations in the early stages of their identity security journey struggle to keep pace with the growing number and complexity of digital identities, leaving them vulnerable to cyber threats. SailPoint’s research found that while 41% of organizations remain in the initial stages of their identity security journey, only 10% have progressed to the most advanced stages, highlighting the significant room for improvement across industries.
Subscribe to our weekly cyber insurance newsletter!
Reducing Risk and Enhancing Productivity
The 2024 Horizons of Identity Security report underscores the tangible benefits that organizations can achieve by maturing their identity security practices. Organizations with advanced identity security capabilities report a significant reduction in identity-related security issues—up to 30% fewer incidents than those in earlier stages. This not only reduces risk but also enhances overall operational efficiency.
Moreover, businesses that have automated identity processes, such as access provisioning and password resets, report substantial gains in productivity. Employees spend less time on manual identity management tasks and more time on core business activities, contributing to improved workforce efficiency.
Conclusion
The SailPoint report makes a compelling case for organizations to prioritize investments in identity security, particularly as cyber threats continue to evolve. By adopting advanced identity security measures, businesses can reduce cyber risk and unlock new value pools, improve productivity, and manage rising cyber insurance premiums.
As machine identities proliferate and AI-powered solutions become more accessible, organizations that invest in mature identity security practices today will be better equipped to navigate the complexities of tomorrow’s digital landscape. The future of identity security is not just about reducing risk—it’s about bending the curve toward greater economic impact and long-term business success.
Other News: 2024 Trends in Identity Security: Report(Opens in a new browser tab).
Other News: DDoS attacks are on the rise, and are increasingly politically-motivated.