Study: Identity recovery testing remains inconsistent across organizations

Infosecurity Magazine reports that a recent Quest Software study found only 24% of organizations have run semiannual tests of their identity disaster recovery plans, indicating many may struggle to restore authentication systems after a cyber incident.

Based on a global survey of 650 IT and security executives and practitioners, the findings showed recovery testing remains inconsistent, with 44% testing identity recovery plans annually, 8% every two years, and 24% not testing them at all. The study also found growing identity security challenges as organizations manage complex environments involving non-human identities, third-party accounts, and legacy systems, leaving nearly 80% vulnerable to identity-related threats due to limited visibility and complexity. To manage the rising number of identity alerts and activity, many security teams are increasingly relying on automation to manage alerts, with 79% of respondents saying AI could improve identity threat detection and response by helping analyze signals across multiple identity platforms and reducing alert fatigue.

Adoption of ITDR programs is also rising, with 92% of those with a program reporting at least partial benefits. The report concluded that many ITDR initiatives prioritize detection over a full lifecycle approach that includes protection, identification, response, and recovery.