The Growing Identity Crisis
New survey data from SANS and Enzoic reveals a stark reality for enterprise security. According to the 2026 SANS Identity Threats and Defenses Survey, 55 percent of organizations experienced at least one identity related compromise in the past year. This figure underscores how attackers have shifted focus to authentication systems as a primary attack vector. The report notes that valid credentials are increasingly used to bypass traditional defenses, making identity the de facto new security perimeter.
MFA Fatigue and Detection Gaps
A critical finding shows that 26 percent of identity attacks involved MFA fatigue, where attackers bombard users with push notifications until they approve access. Organizations also struggle to detect and contain these threats quickly. The survey highlights that many companies lack the visibility and response tools needed to spot credential abuse in real time. This gap allows attackers to maintain persistence within networks using legitimate logins, often evading standard security controls.
Source: Help Net Security
