Study: 90 Percent of Organizations Experienced an Identity-Related Incident in Last Year

Identity-related incidents continue to dominate today's headlines. Clorox, MGM and Caesars fell prey to social engineering, while 23andMe suffered a breach as a result of a hacking method called credential stuffing and UnitedHealth lacked multi-factor authentication (MFA). Although these companies made headlines due to the extent of the breach, today's study revealed that only 10% of respondents didn't have an identity-related incident in the last 12 months, consistent with last year's report.

An astonishing 84% of identity stakeholders said incidents directly impacted their business, up from 68% in 2023. The most significant impact, seeing a measurable rise this year, was distracting from core business (52%), followed by the cost of recovering from the breach, which dropped from number one this year but increased from 33% to 47%. Close behind and keeping third place is the negative impact on the company's reputation, notably increasing from 25% to 45%.

"Identity-related incidents are on the rise, emphasizing the need for strong identity security measures," said Jeff Reich, Executive Director at IDSA. "Many of today's major breaches result from sophisticated phishing and social engineering attacks or not having multi-factor authentication. These incidents not only impact operations, they cost a fortune — UnitedHealth experienced a $872 million loss from the Change Healthcare cyberattack. And they can also lead to significant drops in stock prices and lasting reputational damage. With identity threats becoming more severe, it's crucial for organizations to strengthen their identity security frameworks to better protect against these growing challenges."

Key Research Findings:

The State of Identity Security in 2024

  • 22% of businesses see managing and securing digital identities as the number one priority of their security program, up from 17% in 2023.
  • 89% of organizations are concerned with employees using corporate credentials for social media.
  • 91% of organizations invoked their incident response plans, double of 2023 and 32% invoked their plans more three to five times.

How 2024 Trends Impact Identity Security

  • Consistent with 2023, 89% of businesses are somewhat or very concerned that new privacy regulations will impact identity security.
  • 96% of respondents report AI/ML will be beneficial in addressing identity-related challenges, with 71% stating the number one use case is identifying outlier behaviors
  • 81% of identity stakeholders see passwordless authentication as a solid technology for addressing identity issues.

Security Outcomes Remain a Work in Progress

  • Down slightly, 93% of identity stakeholders said that security outcomes could have lessened the business impact of incidents.
  • 37% of respondents said implementing MFA for all users could have prevented or minimized the effect of incidents, followed by timely reviews of access to sensitive data (42%) and privileged access (50%).
  • 99% of businesses reported they are planning to further invest in security outcomes in the next 12 months.

Featured

  • Security Industry Embraces Mobile Credentials, Biometrics and AI, New Trends Report From HID Finds

    As organizations navigate an increasingly complex threat landscape, security leaders are making strategic shifts toward unified platforms and emerging technologies, according to the newly released 2025 State of Security and Identity Report from HID. The comprehensive study gathered responses from 1,800 partners, end users, and security and IT personnel worldwide, and reveals a significant transformation in how businesses are approaching security, with mobile credentials and artificial intelligence emerging as key drivers of innovation. Read Now

  • UK’s NHS Hospital Transforms Security with Edge-processing Camera System

    i-PRO Co., Ltd.,(formerly Panasonic Security), a manufacturer of edge computing cameras for security and public safety, recently announced that a leading teaching hospital in Northeast England, has enhanced its security infrastructure with i-PRO X-Series cameras integrated with Milestone’s XProtect Video Management Software (VMS). Read Now

  • Gun Violence Report Finds Retail Spaces, K-12 Schools Most Targeted

    ZeroEyes, the creators of the only AI-based gun detection video analytics platform that holds the U.S. Department of Homeland Security SAFETY Act Designation, today announced the release of its annual Gun Violence Report, offering a deep dive into the landscape of gun-related incidents across the United States. This analysis extends beyond mass fatality events, providing a more nuanced understanding of when, where, and why shootings occur. Read Now

  • Agentic AI Will Revolutionize Cybercrime in 2025 According to New Report

    Malwarebytes, a provider in real-time cyber protection, recently released its 2025 State of Malware report, which reveals insight into the emergence of agentic artificial intelligence (AI), plus the year’s most prominent threats and cybercrime tactics. The report details a significant uptick in the number of known ransomware attacks, the total value of ransoms paid in 2024, and how IT teams can address them. Read Now

New Products

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities