Close systemic IAM gaps to keep stolen credentials from slipping through: BeyondID

Report says stolen credentials linked to insiders remain top threat to enterprises

Stolen credentials are the initial attack vector not just for the most incidents, but for the longest-lasting ones as well, according to a new report from BeyondID. Attacks carried out with stolen enterprise IDs or other credentials last an average of ten months before they are detected, the company found.

BeyondID says that up to 60 percent of stolen credentials were exposed, intentionally or otherwise, by internal actors like employees.

The problem affects 9 in 10 companies, according to the KeyData Cyber subsidiary’s report on “The Identity Economy: How Gaps in Identity Management Enable and Sustain Cybercrime.”

Common security practices create systemic weaknesses in identity and access management (IAM), which are targeted by attackers. The advent of AI tools for phishing and data harvesting only exacerbates the threat.

AI attacks are expected to grow in number, with impersonation of authorized users anticipated as the most significant challenge over the next 12 to 18 months, according to 37 percent. Coordinated multi-vector attacks and social engineering with deepfakes are seen as the top threat in that span by 19 percent and 15 percent, respectively.

The report explains the problem, and offers steps to address it.

To limit their exposure, organizations should maintain vigilance to identify security gaps throughout system lifecycles, incorporate multiple digital identity security solutions designed to work together, integrate tools with proactive management and focus on real-time, continuous compliance with regulations and best practices, BeyondID advises.

The point is similar to one made by Ping Identity VP of Product Management Jason Oeltjen, in an August Biometric Update guest post, about fraud and identity teams collaborating with each other to apply stolen credential monitoring to identity workflows.

“One of the biggest mistakes companies can make when working to improve business identity theft protection and remediate identity exploit vectors is to believe the work is a one-time effort and thus adopt a static approach to a dynamic problem,” the report says.

The report presents the concept of “Identity Exploit Vectors” or “IEVs,” and describes the most common types.

“Identity has become the new perimeter, yet many organizations still underestimate its role in sustaining the global cybercrime economy. Cybercrime once relied on brute force or network flaws, but now depends on identity,” says BeyondID CEO Arun Shrestha. “The stakes have never been higher; yet identity remains one of the most overlooked areas of cybersecurity investment. This report is a wake-up call to prioritize identity as a front-line defense, not a backend concern.”

Shrestha will present the report’s findings, along with Biogen Head of Access Automation and Cybersecurity Laura Curtaccio, at Okta’s Oktane 2025 on Thursday.
