ORLANDO — A new study from SailPoint reveals that organizations investing in mature identity security practices are seeing exponentially higher returns on their investments, particularly in risk reduction, business value, and productivity. The findings from the company’s third annual Horizons of Identity Security Maturity report, conducted in partnership with McKinsey, were presented on the second day of Navigate, SailPoint’s annual user conference.
The study, which surveyed 350 security and identity leaders globally, found that while 64% of organizations are still in the early stages of their identity security journey (Horizons 1 and 2), there has been significant progress from two years ago when 74% were at these beginning stages.
“Organizations that invest to mature their identity security practice get disproportionally higher return on their investment,” SailPoint CMO Wendy Wu explained, highlighting how companies reaching Horizons 3 and 4 see substantially higher business impact across multiple dimensions, including 16% faster speed to market compared to Horizon 1 organizations.
The research identified three emerging trends shaping the industry: the rapid growth of machine identities; the need for greater visibility in identity intelligence; and the increasing role of AI-powered access decisions using context-aware policies.
A compelling case study presented during the keynote featured RWE, an international energy company that transformed its identity security program in just six months. The company leaped from Horizon 2 to Horizon 4, achieving remarkable results: expanding visibility from 2,500 to 30,000 user accounts, unifying identity strategy across 30 business units (from a starting point of 0), and reducing onboarding time from 25 days to less than three hours.
SailPoint’s own journey to Horizon 4 was detailed by CIO Sreeveni Kancharla, who emphasized the importance of executive buy-in and cross-functional alignment. Under her leadership, SailPoint achieved significant improvements, including a 75% reduction in manual compliance reviews and a 600% increase in productivity through AI-powered certification recommendations and unified data modeling.
Kancharla advised organizations beginning their identity security journey to focus on fundamentals: “Please make sure you’re focusing on executive and particular business alignment… always make sure you define the core set of applications or standard applications when you’re starting on this journey, then think about how you quickly onboard them,” she said.
The study arrives at a critical time, with Wu noting that cybercrime is projected to cost $10 trillion globally this year – equivalent to the world’s third-largest economy. However, there’s room for optimism: 83% of organizations reported that identity security investments have helped reduce identity-related security risks over the past year.
The complete Horizons of Identity Security Maturity report is available through SailPoint, offering detailed insights into how organizations can advance their identity security programs and achieve similar transformative results.