33.6% of security leaders pointed to failing to remove unnecessary privileges as a common misstep in privileged access management.

32.7% of security leaders pointed to not using a PAM (Privileged Access Management) solution as a common misstep in privileged access management

40% of security leaders pointed to not enforcing multi-factor authentication as a common misstep in privileged access management.

Identity-based attacks made up 30% of total intrusions for the second year in a row.

98% of organisations plan to strengthen their identity security postures this year, with detecting and responding to identity-related threats at the top of the list.