SailPoint has released its 2024-2025 annual research report ‘The Horizons of Identity Security’ which highlights the trend of identity security adoption and the associated journey as well as various tangible and intangible returns for organizations who managed to mature said aspect.
Despite the untapped potential of identity security, around 41% of the organizations surveyed remain at the beginning of their journey, with only 10% progressing to more advanced stages. This gap underscores the vast opportunities for organizations to realize the value of identity security fully.
The research indicates that organizations that reach maturity in their identity security practices can “bend” the identity security-to-value curve, generating greater economic returns. These returns are driven by reduced cyber risk, increased business value, and improved productivity. Mature organizations experience substantial reductions in risk, higher business value, and greater workforce productivity.
Here are some of the key areas and highlighted figures where new values are constantly being unlocked due to a matured identity security program:
- Stronger machine identity coverage: Mature organizations have 87% coverage of machine identities, such as bots, compared to just 28% for those in the early stages. This is notable as machine identities are rapidly growing, representing over 40% of total identities in many organizations, with an expected growth of 30% in the coming year
- Higher 3rd-party identity coverage: Organizations with mature identity security have up to 50% more coverage of third-party identities, a critical area as businesses increasingly rely on external providers, expanding the attack surface
- Leveraging identity data intelligence: Mature organizations are twice as likely to use identity data to create actionable insights, enabling smarter user access guidance, context-aware security policies, and more accurate access reviews, thereby reducing security risks
- Greater AI adoption and investment in Gen-AI: These organizations show nearly twice the adoption of AI-powered identity solutions, enhancing scalability and productivity. They are also better positioned to invest in GenAI for tasks like workflow creation and natural language search, while early-stage organizations focus on automating basic tasks
- Lower cyber insurance premiums: 92% of respondents report that insurers assess their cyber capabilities when setting premiums, and over 70% of decision-makers view identity security as one of the top three factors influencing these premiums
Over the past three years, SailPoint’s research and experience have shown that the future of identity security will involve integrated programs across diverse technologies. This integration includes unified access controls across all identity types, security operations, and support for machine identity management. Next-generation identity security is increasingly driven by AI-powered analytics, which enhance security through context-aware policies, anomaly detection, and behavior analysis.
A case study from SailPoint customer RWE illustrates how the company achieved identity security maturity in just six months. RWE transitioned from manual on-premises identity management to a cloud-based, AI-driven solution, scaling its identity security from 2.5K to 30K user accounts. This shift reduced onboarding time from 25 days to less than 3 hours, significantly improving productivity. Importantly, RWE also unified its identity strategy across 30 business units, demonstrating how committed investments in identity security can provide a competitive edge in the digital age.
Those who are interested in reading the full report can check it out here.
