Cloud 101CircleEventsBlog
CAIQ Lite is now accepted into the STAR Registry! Showcase your cloud security readiness with a simplified assessment. Learn more today!

Download Publication

The State of Non-Human Identity Security
The State of Non-Human Identity Security
Who it's for:
  • All cybersecurity professionals

The State of Non-Human Identity Security

Release Date: 09/11/2024

Non-human identities (NHIs) include bots, API keys, service accounts, OAuth tokens, and secrets. These identities keep today’s organizations running smoothly by automating tasks, boosting efficiency, and driving innovation. However, NHIs also operate 24/7, handle sensitive information, and perform actions at lightning speed. This makes them prime targets for cyber attacks and a major concern within Identity and Access Management (IAM).

To better understand this often overlooked aspect of IAM security, Astrix commissioned CSA to develop a new survey report. CSA conducted the survey online in June 2024 and received 818 responses from IT and security professionals. The resulting report provides insights into:
  • Perceptions around NHIs and their security risks
  • Current security efforts, policies, and management of NHIs
  • Challenges with connecting to third-party vendors
  • Current management and policies for API keys

Read the full report to get crucial insights into NHI security gaps and recommendations.

Key Findings Include:
  • Only 15% of organizations feel highly confident in preventing NHI attacks, while 69% express concerns about them. This indicates awareness of the risks but a lack of confidence in current security measures.
  • Major pain points include managing service accounts, auditing and monitoring, access and privilege management, discovering NHIs, and policy enforcement.
  • Only 20% of organizations have formal processes for offboarding and revoking API keys. Even fewer have procedures for rotating them.  
  • Many organizations rely on a mix of security tools not specifically designed for NHIs. This results in a lack of cohesion and effectiveness.  
  • A promising trend shows increased investment in NHI security capabilities. 24% of organizations plan to invest within the next six months and 36% within the next 12 months.
Download this Resource

Bookmark
Share
Related resources
Zero Trust Guiding Principles v1.1
Zero Trust Guiding Principles v1.1
Strengthening Research Integrity with High-Performance Computing (HPC) Security
Strengthening Research Integrity with High-Perf...
Top Threats to Cloud Computing 2024
Top Threats to Cloud Computing 2024
Healthcare & Cybersecurity: Navigating a Vast Attack Surface
Healthcare & Cybersecurity: Navigating a Vast Attack Surface
Published: 10/08/2024
Cybersecurity Risk Mitigation Recommendations for 2024-2025
Cybersecurity Risk Mitigation Recommendations for 2024-2025
Published: 10/08/2024
Why You Should Have a Whistleblower Policy for AI
Why You Should Have a Whistleblower Policy for AI
Published: 10/07/2024
How to Maximize Alignment Between Security and Compliance Teams
How to Maximize Alignment Between Security and Compliance Teams
Published: 10/04/2024
Are you a research volunteer? Request to have your profile displayed on the website here.

Related Certificates & Training