The Rise of Active Directory Exploits: Is It Time to Sound the Alarm?

Key findings

• 50% of organizations experienced an attack on Active Directory in the last 1-2 years
• Over 40% indicating the AD attack was successful
• Penetration testers successfully exploited AD exposures 82% of the time
• 86% of organizations plan to increase investment in protecting AD

Active Directory—the core identity store used by 90% of businesses worldwide—is a prime target for cyberattackers. Fixing AD-related security gaps should be at the top of every organization’s security checklist, according to a new report from Enterprise Management Associates (EMA). But the sheer complexity of managing AD security can hinder security goals.

“The complexity of the directory-based identity services platform used by 90% of enterprises around the world, coupled with the need for at least two different teams to collaborate to properly secure it and the constantly changing nature of its configuration, make it a difficult attack surface to protect,” said Paula Musich, EMA Research Director of security and risk management.

EMA surveyed IT professionals and executives across a range of industries to uncover how organizations are shifting priorities to address the growing threat of AD security weaknesses. The report covers:

• Priorities and spending for Active Directory security
• Active Directory security challenges and threats
• Assessing the security posture of Active Directory
• Remediating exposures and attacks
• Protecting Active Directory
• Active Directory and compliance