The 2024 Study on the State of Identity and Access Management (IAM) Security
Unprepared & Vulnerable
Ponemon Report
Not a week goes by without a new data breach hitting the news cycle. And it is big news: a single successful attack can be painfully expensive. In the United States the average cost per data breach was $9.48 million in 2023[1].
The attackers are getting more dangerous: they are now criminal organizations and bad-actor states, phishing for your vulnerable passwords with better tech, more resources and AI.
percent of respondents say their organizations are prepared to protect identities when attackers have AI capabilities.
of respondents say if a threat actor used a stolen credential to login to their organization, it could take one day to more than one week to detect the incident [1].
[1] Data from The 2024 Study on the State of Identity and Access Management (IAM) Security, Converge and the Ponemon Institute, June 2024
Stopping bad guys from getting into your systems is the first step to keeping them safe. This is the practice of Identity and Access Management (IAM). But only 45% say their organizations have an established or formal IAM program.
Converge had to know why, so we asked. Converge and the Ponemon Institute surveyed 571 IT and IT security practitioners in the US to hear what they are currently practicing in IAM. Data breaches continue to be a huge vulnerability, but most companies were not doing enough to prevent them.
This report shows how organizations are approaching IAM, to what extent they are adopting leading security practices, and how well they are mitigating identity security threats. This report will inform and instruct, but more importantly, it will arm you with data you need to make the case for better IAM.
And it’s free.
Sponsored by Converge Technology Solutions and independently conducted by Ponemon Institute LLC, July 2024.
[1] Ponemon Institute, “Cost of a Data Breach Report 2023”
[2] Data from Unprepared & Vulnerable:, Converge and the Ponemon Institute, July 2024