Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Cybersecurity skills gap and IAM automation: what teams should change


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 12212
Topic starter  

TL;DR: Security teams are operating with a widening capacity gap, and Imprivata cites recent research showing that only 14% of companies say they have the talent and resources needed to meet their security goals. The practical answer is not simply more headcount, but tighter use of managed services, identity automation, and passwordless access to reduce toil and protect overstretched teams.

NHIMG editorial — based on content published by Imprivata: Rethinking the Cybersecurity Skills Gap with Automation, Identity, and Managed Services

By the numbers:

Questions worth separating out

Q: How should security teams reduce identity workload when staffing is limited?

A: They should automate repetitive identity tasks first, then delegate bounded operational work to managed services where runbooks and escalation paths are explicit.

Q: Why do passwordless programmes help overstretched security teams?

A: Passwordless programmes reduce password reset volume, lower phishing exposure, and shrink a major source of support burden.

Q: What breaks when identity operations stay manual during a skills shortage?

A: Manual identity operations create slow approvals, inconsistent entitlement handling, and greater reliance on individual availability.

Practitioner guidance

  • Map which identity tasks consume scarce analyst time Separate password resets, access fulfilment, monitoring, and exception handling so you can see where staff time is being spent.
  • Use managed services for bounded operational coverage Outsource monitoring or alert triage only where runbooks, escalation paths, and evidence requirements are already defined.
  • Treat passwordless as an operating-model change Roll out passwordless authentication together with enrolment, recovery, and exception controls.

What's in the full article

Imprivata's full article covers the practical detail this post intentionally leaves at a higher level:

  • How managed services can be layered into an existing security operating model without creating ownership gaps
  • How passwordless authentication reduces help-desk burden while changing recovery and exception management
  • How automation can remove repetitive identity work from queues while preserving logging and approval traceability

👉 Read Imprivata's analysis of automation, identity, and the cybersecurity skills gap →

Cybersecurity skills gap and IAM automation: what teams should change?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11787
 

Capacity shortage is now a governance problem, not just a staffing problem. When only 14% of companies say they have the talent and resources they need, the issue stops being simple headcount planning. Identity teams then inherit more approvals, more exceptions, and more administrative exceptions than their operating model can absorb. The practical conclusion is that security architecture must assume permanent resource pressure, not temporary shortage.

A few things that frame the scale:

  • Only 5.7% of organisations have full visibility into their service accounts, according to Ultimate Guide to NHIs.
  • NHIs outnumber human identities by 25x to 50x in modern enterprises, which is why staffing shortages quickly turn into governance shortages.

A question worth separating out:

Q: Who is accountable when managed services handle security operations?

A: The organisation remains accountable for the control model, even when a third party performs the work. Teams must define what the provider monitors, what evidence it must retain, and where escalation returns to internal ownership. Managed services extend capacity, but they do not transfer governance responsibility.

👉 Read our full editorial: Cybersecurity skills shortages are pushing IAM toward automation



   
ReplyQuote
Share: