New Centrify Report: Stop Putting Up with Bad Karaoke and Start Learning about Zero Trust Privilege

June 4, 2019

You know when you’re hanging out with friends, maybe doing a little drinking, and somebody suggests that you go to a karaoke bar? “Heck yeah! Sounds fun, I’m a GREAT singer!”


The letdown is always when somebody records your performance and you listen to it (or worse, watch it on YouTube or social media) the next day…. “Oh, I’m not as good as I thought I was, but I’m still not willing to take any voice lessons.”

The same could be said about Privileged Access Management. We all know it’s a good thing to do, but we tend to be overconfident in our own abilities. It’s time to listen to the experts and take a few lessons.

Gartner has listed PAM as a Top 10 information security project in both 2018 and 2019, and Forrester estimates that 80% of breaches involve privileged access abuse. Yet we are all still dealing with a lot of BAD karaoke.


Centrify just published a new report titled, “The 2019 Zero Trust Privilege Maturity Model Report,” in partnership with Techvangelism. It includes highlights of our recent survey of 1,300 organizations in the U.S. and Canada, gauging their understanding of Privileged Access Management.

The report identifies two fairly-obvious points:

  • Organizations are way too confident in their ability to stop data breaches
  • They’re also woefully unaware of the primary cybersecurity threat they’re facing – privileged access abuse – and almost half are basically doing nothing about it

The report also provides a comprehensive overview of the Zero Trust Privilege Maturity Model, which helps organizations better understand and define their ability to discover, protect, secure, manage, and provide privileged access. In addition, this model can be used to help mature existing security implementations towards one that provides the greatest level of protection of identity, privileged access, and its use.


The report brings some interesting new findings to light:

  • 79% of organizations do not have a mature approach to Privileged Access Management (PAM).
  • 43% of organizations have an approach to PAM that would be best described as “Nonexistent.”
  • 93% of organizations believe they are at least somewhat prepared against threats that involve privileged credentials.


What does all this mean? It supports our contention that legacy approaches to Privileged Access Management no longer suffice. A cloud-ready Zero Trust Privilege solution must emerge that can secure both legacy and modern attack surfaces.

That’s what the Zero Trust Privilege Maturity model seeks to do: establish clear definitions of the different approaches to PAM in a modern threatscape. Whether its Nonexistent, Vault-Centric, Identity-Centric, or Mature, the report can help any organization identify its current place in the path to Zero Trust Privilege, and where it can improve.

Remember, organizations don’t need to go from Nonexistent to Mature overnight. Even simple steps like implementing MFA for administrative privileged access or getting a password vault can quickly jumpstart a Zero Trust Privilege approach and significantly reduce their risk of becoming the next data breach victim making headlines.

Download the report to learn more:

This is written by the individual author in his/her personal capacity, and the opinions, views and/or thoughts expressed herein are solely the author’s own. They are not intended to and may not necessarily reflect the official policy or position, or the opinions or views of ThycoticCentrify or its affiliates, employees, or any other group or individual.