EMA Research Report Download Now

Key findings:

  • 50% of organizations experienced an attack on Active Directory in the last 1-2 years
  • Over 40% indicating the AD attack was successful
  • Penetration testers successfully exploited AD exposures 82% of the time
  • 86% of organizations plan to increase investment in protecting AD

Active Directory—the core identity store used by 90% of businesses worldwide—is a prime target for cyberattackers. Fixing AD-related security gaps should be at the top of every organization’s security checklist, according to a new report from Enterprise Management Associates (EMA). But the sheer complexity of managing AD security can hinder security goals.

“The complexity of the directory-based identity services platform used by 90% of enterprises around the world, coupled with the need for at least two different teams to collaborate to properly secure it and the constantly changing nature of its configuration, make it a difficult attack surface to protect,” said Paula Musich, EMA Research Director of security and risk management.

EMA surveyed IT professionals and executives across a range of industries to uncover how organizations are shifting priorities to address the growing threat of AD security weaknesses. The report covers:

  • Priorities and spending for Active Directory security
  • Active Directory security challenges and threats
  • Assessing the security posture of Active Directory
  • Remediating exposures and attacks
  • Protecting Active Directory
  • Active Directory and compliance