Tech Beetle briefing AU

New Study Reveals Only 1% of Organisations Have Fully Adopted Just-in-Time Privileged Access

Essential brief

Key facts

Only 1% of organisations have fully implemented just-in-time privileged access, despite its security benefits.

91% of organisations report that at least half of their privileged access accounts are always-on, increasing vulnerability.

AI-driven identities are emerging as a significant innovation in privileged access management but are not yet widely adopted.

The gap between confidence in privileged access programs and actual practices highlights a critical security risk.

Investing in modern PAM solutions with automation and AI can improve security and operational efficiency.

Highlights

Only 1% of organisations have fully implemented just-in-time privileged access, despite its security benefits.

91% of organisations report that at least half of their privileged access accounts are always-on, increasing vulnerability.

AI-driven identities are emerging as a significant innovation in privileged access management but are not yet widely adopted.

The gap between confidence in privileged access programs and actual practices highlights a critical security risk.

A recent study conducted by CyberArk, a global leader in identity security, has uncovered a stark disparity between organisations' confidence in their privileged access management (PAM) programs and their actual implementation practices. The research highlights that while many organisations believe they have robust controls in place, only 1% have fully adopted just-in-time (JIT) privileged access, a critical security measure designed to minimize the risks associated with always-on privileged accounts.

Privileged access refers to the elevated permissions granted to users or systems that allow them to perform critical tasks within an IT environment. Traditionally, many organisations have maintained these privileged accounts as always-on, meaning they are continuously active and accessible. The study found that 91% of organisations report that at least half of their privileged access remains always-on. This practice significantly increases the attack surface, making it easier for malicious actors to exploit these accounts and gain unauthorized access to sensitive systems.

The research also sheds light on the emerging role of AI-driven identities in privileged access management. AI technologies are being integrated to enhance identity verification and access controls, offering dynamic and adaptive security measures. Despite this advancement, the adoption of AI-driven identities remains in its early stages, indicating a potential area for growth and innovation in identity security.

The implications of these findings are profound for cybersecurity strategies worldwide. The low adoption rate of JIT privileged access suggests that many organisations are still vulnerable to insider threats and external attacks that leverage persistent privileged credentials. By shifting towards JIT access, organisations can grant elevated permissions only when necessary and for a limited duration, thereby reducing the window of opportunity for attackers.

Furthermore, the study emphasizes the need for organisations to reassess their privileged access policies and invest in modern PAM solutions that incorporate automation and AI capabilities. This approach not only strengthens security but also improves operational efficiency by reducing manual oversight and potential human errors.

In conclusion, while there is growing awareness of the importance of privileged access management, the actual implementation of best practices like just-in-time access remains limited. Organisations must prioritize closing this gap to protect critical assets and maintain resilience against evolving cyber threats. The integration of AI-driven identities presents a promising avenue to enhance security frameworks, but widespread adoption and effective deployment are essential to realize these benefits fully.