Identity maturity and breach cost: what practitioners need to know


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 8534
Topic starter  

TL;DR: Identity security maturity is tied to faster breach response, lower helpdesk load, and fewer identity-related incidents, according to SailPoint’s Horizons of Identity Security research. Treating identity as core infrastructure, not a side control, changes both resilience and operating cost.

NHIMG editorial — based on content published by SailPoint: Investing in digital identity is essential and the costs of inaction are high

By the numbers:

Questions worth separating out

Q: How should organisations measure identity maturity beyond access reviews?

A: Measure identity maturity by linking access governance to operational outcomes such as response time, helpdesk demand, and audit effort.

Q: Why does identity governance reduce breach costs?

A: Identity governance reduces breach costs because it limits how far a compromised account can move, shortens the time attackers retain access, and speeds recovery evidence.

Q: What do security teams get wrong about password friction?

A: They often treat password friction as a user experience issue only.

Practitioner guidance

  • Benchmark identity maturity against incident response outcomes: Track detection time, response time, and recovery time alongside access coverage so the programme is measured by containment impact rather than process completion.
  • Remove recurring password friction from workforce access: Use reset automation, passwordless authentication, and self-service recovery to reduce the 40% of helpdesk work driven by password issues.
  • Connect audit evidence to live entitlement state: Build access review and compliance workflows so auditors can trace current permissions, approval history, and revocation status without manual evidence gathering.

What's in the full article

SailPoint's full blog covers the operational detail this post intentionally leaves for the source:

  • The five-horizon identity maturity model and how to place your programme within it.
  • The business value vectors used to compare identity maturity across risk, compliance, efficiency, and experience.
  • The specific survey framing behind the breach, helpdesk, and audit efficiency claims.
  • The self-assessment context SailPoint uses to encourage organisations to benchmark their current horizon.

👉 Read SailPoint's analysis of why digital identity maturity matters →




   
(@mr-nhi)
Member Moderator
Joined: 1 month ago
Posts: 7990
 

Identity maturity is now a loss-reduction strategy, not just a security programme. The report’s numbers point to a simple operating reality: better identity governance changes breach economics, response speed, and audit burden at the same time. That is why identity no longer sits only inside IAM teams, but becomes part of enterprise resilience planning. Practitioners should treat identity maturity as a core control for both security and operating cost.

A few things that frame the scale:

  • 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface, according to the Ultimate Guide to NHIs.
  • Only 5.7% of organisations have full visibility into their service accounts, which explains why privilege creep persists even when teams believe they have control.

A question worth separating out:

Q: Who should own identity maturity improvements across IAM and compliance?

A: Identity maturity should be owned jointly by IAM, security operations, and compliance leadership because the benefits span detection, recovery, auditability, and user access efficiency. If ownership sits only with one team, the programme tends to optimise for either controls or convenience rather than both.

👉 Read our full editorial: Digital identity maturity cuts breach cost and response time



   