The 2019 Study on Privileged Access Security: Executive Summary


Sila and Ponemon Institute Study Finds Substantial Lapses in Securing Sensitive Access

Privileged access security is essential: it restricts and protects access to the powerful administrative accounts that control organizations’ critical servers, databases, and networks. The 2019 Study on Privileged Access Security by the Ponemon Institute and Sila surveyed 650+ North American IT and IT security professionals, including database administrators, network engineers, IT security practitioners, and cloud custodians. The survey both builds on historical trend data starting in 2011 and introduces new research questions reflecting recent developments in the privileged access management (PAM) space.

By the Numbers

The study found substantial lapses in securing privileged access including:

  • 56% of respondents said they expect the risk of privileged user abuse to increase over the next 12 to 24 months
  • 52% of respondents said their organizations do not have the capabilities to effectively monitor privileged access
  • 62% of respondents said it was likely that their organization assigns privileged access rights that go beyond an individual’s role or responsibilities
  • 70% of respondents said it was likely that privileged users access sensitive information without a business need

Experts Weigh In

“With organizations facing a multitude of threats on a daily basis and as the risks related to privileged access security continue getting worse, this year’s survey shows that overall progress toward effective implementation of privileged access management (PAM) programs continues to stagnate in many areas. The status quo is not secure.

Business and IT leaders need to look beyond simple tool integration and a “check the box” mentality solely driven by compliance demands. Organizations take a big risk by not properly investing in effective PAM strategies that not only promote security but propel business success.”

– Dr. Larry Ponemon, Chairman, Ponemon Institute

“The results of The 2019 Study on Privileged Access Security shed light on the fact that privileged access is more prevalent than people may realize. It touches every part of an organization and has far-reaching implications for an organization’s business objectives as well as its security. Leaders need to step back and ask why individuals have the access they do, and how that aligns with the mission of their business – unnecessary privileged access puts data, employees, customers, and the overall business at risk.”

– Tapan Shah, Managing Director, Sila

Key Findings

Key findings from the study include multi-year trends, differences in high- and low-performing organizations, and critical risks privileged access management (PAM) programs should address. The full report covers these areas and more, grouped by the following themes:

  • Why privileged user abuse is increasing
  • The security risks created by not keeping up with the delivery and review of access rights
  • The need for new approaches to managing access rights

Get the Full Report