TL;DR: 68% of organisations suffered a cyberattack in the last 12 months, while 49% would prioritise improving PAM if they could choose, according to Netwrix Research Lab’s survey of 1,610 IT professionals across 106 countries. The message for identity programmes is clear: hybrid security still fails at privilege control, not just at perimeter coverage.
NHIMG editorial — based on content published by Netwrix: 2023 Hybrid Security Trends Report
By the numbers:
- 68% of organizations suffered a cyberattack within the last 12 months.
- 49% of respondents would opt to improve privileged access management (PAM) in their organization if they could decide on their own.
Questions worth separating out
Q: How should security teams reduce privilege risk in hybrid environments?
A: Start by inventorying every elevated identity that can operate across on premises and cloud systems, then remove standing access wherever possible.
Q: Why do hybrid environments make PAM harder to govern?
A: Hybrid environments spread elevated access across different control planes, which makes it easier for privilege to become inconsistent, duplicated, or invisible.
Q: What breaks when privileged access is left standing in hybrid estates?
A: Standing privilege turns one compromised identity into a broad access path across multiple systems.
Practitioner guidance
- Map privileged identities across the hybrid estate Inventory every admin account, emergency account, service credential, and cloud role that can reach sensitive systems.
- Shrink standing privilege before adding more controls Replace persistent elevation with just-in-time approval and task-scoped access where the workflow supports it.
- Unify privileged session oversight Monitor privileged activity through a single control model that covers session start, command scope, and revocation across platforms.
What's in the full report
Netwrix's full research covers the operational detail this post intentionally leaves for the source:
- Survey methodology across 1,610 IT professionals from 106 countries, useful if you need to judge how representative the findings are.
- Breakdowns of security incidents and cyberattack experience by environment type, which help teams compare on premises and cloud exposure.
- Respondent views on current security measures, future plans, and cyber insurance adoption, which are useful for programme benchmarking.
- The full set of broader IT priority data that explains how identity and security compete with other budget demands.
👉 Read Netwrix's 2023 hybrid security trends report on cyberattacks and PAM →
Hybrid security trends: why PAM is still the control gap?
Explore further
Hybrid security fails first at privilege continuity, not at environment type. The report shows organisations are operating across on premises and cloud while still struggling to make elevated access behave consistently. That is not an infrastructure problem alone. It is an identity governance problem because the same actor can inherit different trust rules depending on where it lands. Practitioners should read hybrid risk as a privilege-containment failure, not a simple architecture mismatch.
A few things that frame the scale:
- 19% of organisations give AI systems dramatically more access than human employees, nearly one in five granting unrestricted privilege, according to The 2026 Infrastructure Identity Survey.
- Only 13% of organisations feel extremely prepared for the reality of agentic AI, which shows that governance maturity is still trailing adoption.
A question worth separating out:
Q: Who is accountable when privileged access fails in a hybrid security programme?
A: Accountability should sit with the identity, infrastructure, and security owners jointly, because no single team controls the full privilege path in a hybrid estate. The practical test is whether each elevated identity has a named owner, a business purpose, and a review process. If any of those are missing, accountability is already fragmented.
👉 Read our full editorial: Hybrid security trends show PAM remains the weakest control gap