A study has found that increased technological and organizational complexity is contributing to new identity risks that security leaders must manage. The study, done by ConductorOne, surveyed more than 500 IT security leaders in the United States and found that increased complexity is driving new identity risks. 

On the subject of technology complexity, the report found that hybrid IT environments are common. 76% of respondents reported that their company has a hybrid IT environment. 18% stated their organization’s IT environment is on premises, and only 6% indicated an environment that is completely in the cloud. 

Furthermore, nearly all respondents (97%) stated that their organization works with external entities. External entities may include partners, contractors or suppliers, all of whom have some level of access to their systems, applications or resources.

The survey asked respondents to indicate their greatest identity and access management difficulties. The top challenges discussed in the report are as follows:

• The complexity of their organization's existing systems (47%)  
• Resistance to change among employees (38%) and resistance to change among executives (32%)
• Limitations of available tools (33%)
• The company's current identity security strategy/access policy (47%). 

Additionally, 47% of respondents stated that their organization’s current identity security strategy/access policy impedes team productivity. 23% indicated that the hindrance was significant.