Today Keeper Security released its latest Insight Report, Securing Privileged Access: The Key to Modern Enterprise Defence, all about privileged access management (PAM). The report found that nearly half (49%) of organisations with PAM report fewer security incidents tied to privilege misuse. The report also found that, as 94% of organisations now operate in hybrid or cloud-first environments, access controls must adapt with infrastructure evolution.
As organisations rely on an increasingly complex network of users, applications and infrastructure, managing privileged access to prevent cyberattacks has become both more critical and more complicated. The rapid adoption of cloud, hybrid and multi-vendor environments, combined with the rising sophistication and AI-powered escalation of cyber attacks, has amplified the need for solutions that can enforce secure, scalable and centralised access controls.
Keeper’s Insight Report explores the motivations driving PAM adoption, the most common obstacles to deployment and the features organisations consider essential for securing access in today’s cybersecurity threat landscape. The findings are based on a global survey of 4,000 IT and security leaders in the United States, Europe and Asia.
“Every system, whether in the cloud, on-premises or remote, is a potential entry point that necessitates adaptive and secure controls to defend against modern threats,” said Darren Guccione, CEO and Co-founder of Keeper Security. “Modern, zero-trust PAM doesn’t just mitigate risk; it enables organisations to shift from a reactive defence posture to proactive, pervasive control.”
The report also found that 44% of respondents noted challenges with implementation as a barrier to adoption. That number rose sharply to 57% of respondents in the UK, emphasising the need for user-friendly solutions that are simple to deploy.
More than half (53%) of organisations that implemented PAM report improved protection of sensitive data, with that number rising to 58% in the UK. Credential theft remains one of the most common causes of breaches, underscoring PAM’s critical role as a frontline defence.
Even with tools in place, risky practices persist. Among non-PAM users, 8% still store credentials in spreadsheets. While that number drops to 2% in the UK, 10% of respondents said they had no formal plan in place. Globally, 13% of organisations audit privileged access only once a year or less, leaving standing permissions unchecked for extended periods. Organisations need comprehensive security posture information about end-user behaviour.
“A robust security posture requires both the right systems and the right human behaviours,” said Guccione. “An organisation will never be fully protected if users circumvent controls or skip essential reviews. That’s why insightful risk analysis and end-user education must be part of a successful PAM strategy.”
When fully implemented, PAM delivers measurable benefits across the enterprise, with respondents reporting better data protection, reduced cyber incidents and stronger compliance. A PAM solution like KeeperPAM is designed for today’s distributed workforces – delivering secure credential storage, zero-trust network access, seamless integrations and real-time monitoring built for cloud and hybrid environments. In today’s identity-driven threat landscape, where access can be granted from anywhere at any time, controlling privileged accounts is fundamental to defending critical systems and data.
