Skip to main content

Report: Privileged access management still absent in 80% of organizations

An image of a red computer screen with the words RANSOM written on it.
Image Credit: Suebsiri Srithanyarat / EyeEm

Join us in Atlanta on April 10th and explore the landscape of security workforce. We will explore the vision, benefits, and use cases of AI for security teams. Request an invite here.


Nearly 80% of organizations have not implemented — or have only partially implemented — a privileged access management solution.

Figure 1. Privileged Access Management Practices Implemented by % of Respondents. 42% account for logging of privileged account use. 40% account for audits of privileged accounts. 39% account for monitor for anomalous behavior. 37% account for multi-factor authentication for privileged access. 34% account for tiered model to prevent privilege escalation. 29% account for dedicated workstations for administrative actions. 23% account for automated PAM solutions.

As organizations become increasingly internet-reliant and networked technical environments, they are faced with defending against evolving ransomware attacks.

Early ransomware attacks primarily targeted organizational data; however, attacks are progressively overtaking systems and networks, which is especially troublesome for the stability of critical infrastructure.

VB Event

The AI Impact Tour – Atlanta

Continuing our tour, we’re headed to Atlanta for the AI Impact Tour stop on April 10th. This exclusive, invite-only event, in partnership with Microsoft, will feature discussions on how generative AI is transforming the security workforce. Space is limited, so request an invite today.
Request an invite

Using data from 100 organizations across multiple critical infrastructure sectors, Axio researchers identified seven key areas where organizations are deficient in implementing and sustaining basic cybersecurity measures. Overwhelmingly, the most concerning finding was a pervasive lack of basic controls over privileged credentials and access — nearly 80% of organizations have not implemented or have only partially implemented privileged access management.

While an element of ransomware exposure is due to factors outside of an organization’s direct control, from a lack of sufficient technologies to employees falling victim to phishing schemes, this report reveals shockingly common failures of basic cybersecurity practices and indicates that highly impactful improvements in ransomware protection may be directly obtained by improving basic cyber hygiene.

Read the full report by Axio.

VB Daily - get the latest in your inbox

Thanks for subscribing. Check out more VB newsletters here.

An error occured.