71% of Organizations Experienced Identity Breaches in Last Year

Severity: High (Score: 69.5)

Sources: Markets.Businessinsider, www.sophos.com, Cybersecuritydive

Summary

A recent Sophos report reveals that 71% of organizations faced at least one identity-related breach in the past year, with an average of three incidents reported per organization. Human error and poor management of non-human identities (NHIs) are the primary causes of these breaches. Notably, two-thirds of ransomware attacks originated from identity-related incidents, highlighting the critical role of identity in cybersecurity. The financial impact is significant, with recovery costs averaging $1.64 million. Organizations are struggling to manage NHIs, with only 33% regularly auditing or rotating service accounts. The report emphasizes the urgent need for enhanced identity security measures as AI technology complicates identity management. Recommendations include enforcing Multi-Factor Authentication and implementing better NHI management practices. Key Points: • 71% of organizations suffered at least one identity-related breach in the past year. • Two-thirds of ransomware attacks began with an identity-related incident. • Organizations face an average recovery cost of $1.64 million due to identity breaches.

Key Entities

• Data Breach (attack_type)
• Ransomware (attack_type)
• Australia (country)
• Brazil (country)
• France (country)
• Germany (country)
• India (country)
• CWE-798 - Use of Hard-coded Credentials (cwe)
• sophos.com (domain)
• Government (industry)