#USA #Cybersecurity #Keeper Security #Las Vegas #Black Hat USA

Identity Security Gaps Exposed at Black Hat USA 2025

As AI threats escalate in sophistication, a recent survey by Keeper Security conducted during the Black Hat USA 2025 conference reveals alarming identity security gaps that many organizations face. The survey, which included responses from 110 cybersecurity professionals, showed a significant disconnect between the recognized need for zero-trust security measures and the actual implementation of such strategies in the workplace.

Key Findings of the Survey

The findings highlighted that although zero trust has been identified as a priority by many organizations, only 27.3% reported that they have effectively implemented it into their security protocols. In contrast, a substantial number of respondents cited major gaps in their security frameworks, impeded by a variety of factors.

Challenges Faced by Organizations

The survey illuminated the primary obstacles hindering the effective execution of zero-trust strategies:

• - Complexity of Deployment: 30% of respondents indicated that the complexity involved in deploying zero trust was a significant barrier.
• - Integration Issues with Legacy Systems: 27.3% reported that complications in integrating new security measures with existing legacy systems were problematic.
• - Lack of Executive Support: About 20% struggled with insufficient support from leadership, highlighting a need for greater buy-in at the executive level to prioritize security initiatives.

In an era where identity-based threats are becoming increasingly sophisticated, the pressure on security teams to enforce effective measures is mounting. Phishing, social engineering, and deepfakes have been identified as the top threats to watch for in the coming 12 to 18 months, with only 16.4% of professionals expressing full confidence in their ability to protect against these AI-driven identity attacks.

Privileged Access Management: A Notable Blind Spot

The survey also brought attention to notable issues within privileged access management (PAM). Respondents described common missteps that organizations are making, such as:

• - Not Enforcing Multi-Factor Authentication: 40% failed to enforce this essential security measure, putting their systems at risk.
• - Unnecessary Privilege Management: 33.6% admitted to not removing unnecessary privileges, allowing potential exploit paths for cybercriminals.
• - Absence of a PAM Solution: 32.7% reported that they were not utilizing a dedicated PAM solution, which can increase vulnerability across modern hybrid and multi-cloud environments.

The Need for a Modern Approach to PAM

Traditional PAM tools often prove to be cumbersome and costly, complicating the process of maintaining effective security protocols. Keeper Security’s cloud-native solution, KeeperPAM®, offers a modernized approach that tackles these challenges head-on. It integrates password and secrets management under a unified interface, streamlining administrative tasks and enhancing security measures without overwhelming users.

Bridging the Gap Between Knowledge and Action

The data from this survey starkly highlights the disconnect between awareness and execution among security leaders. Despite a consensus on the significance of adopting zero trust and enhancing identity protection, fragmentation in tools, time restrictions, and limited leadership support continue to hinder progress.

According to Darren Guccione, CEO and Co-founder of Keeper Security, organizations urgently need practical and effective solutions that can be deployed seamlessly across diverse IT environments to bridge these gaps. Quoting him, "Security leaders align on the need for zero trust, yet they are often constrained by available resources, time, and mutual support."

The Way Forward

Keeper Security enables organizations to narrow the divide between intentions and actions by fostering zero trust adoption, enforcing least-privilege access, and providing defense against evolving identity-based threats. Their unified privileged access management platform offers the visibility, automation, and control essential for navigating today's shifting cybersecurity landscape, enabling better readiness against emerging threats.

For more in-depth insights, refer to the infographic detailing identity security highlights from Black Hat 2025.