50% of cybersecurity professionals in Germany reported that their organizations lack a dedicated Privileged Access Management (PAM) solution in 2025.

32.7% of security leaders pointed to not using a PAM (Privileged Access Management) solution as a common misstep in privileged access management

40% of security leaders pointed to not enforcing multi-factor authentication as a common misstep in privileged access management.

33.6% of security leaders pointed to failing to remove unnecessary privileges as a common misstep in privileged access management.

13% of organisations audit privileged access only once a year or less

88% of respondents say that, in their organization, the definition of a ‘privileged user’ applies solely to human identities.

Nearly half (42%) of machine identities have sensitive or privileged access.