Keeper Security’s latest survey highlights a troubling gap between the recognized importance of identity security and its practical adoption. Conducted at Black Hat USA 2025, the findings show that although zero trust is widely prioritized, many organizations continue to struggle with real-world execution—particularly as AI-powered threats intensify.
Identity Security Still Playing Catch-Up
Among the 110 cybersecurity professionals surveyed in-person, just 27.3% said their organization had effectively implemented zero trust. Nearly as many reported major gaps, while others cited stalled or partial rollouts due to complexity, integration challenges, limited budgets or a lack of executive buy-in.
Top obstacles to implementation included:
- Complexity of deployment – 30%
- Integration issues with legacy systems – 27.3%
- Lack of leadership support – 20%
As organizations struggle to enforce zero trust, identity-based threats are becoming more sophisticated and more automated. Respondents identified phishing, social engineering and deepfakes as the leading concerns over the next 12 to 18 months. Yet only 16.4% said they felt fully confident in their ability to defend against AI-powered identity attacks.
Privileged Access Controls Remain a Blind Spot
The survey also revealed major gaps in privileged access management. Security leaders pointed to several common missteps:
- Not enforcing multi-factor authentication – 40%
- Failing to remove unnecessary privileges – 33.6%
- Not using a PAM solution – 32.7%
These issues reflect broader challenges with enforcing least-privilege access and maintaining visibility across today’s modern hybrid and multi-cloud environments.
A Simpler, More Scalable Approach to PAM
Traditional PAM tools can be expensive, tedious to deploy and difficult to maintain. KeeperPAM®, Keeper Security’s modern privileged access management solution, solves these challenges with a cloud-native, zero-trust architecture that simplifies privileged access security. The platform combines password, secrets, connection and session management in a single, unified interface – making it easier for security teams to automate credential rotation, monitor privileged activity and reduce risk at scale.
Mind the Gap: Awareness vs. Execution
The survey data underscores the persistent gap between intent and execution. While security leaders overwhelmingly agree on the need for zero trust and stronger identity protection, many still struggle with fragmented tools, time constraints and lack of executive support.
“Organizations need solutions that are both effective and practical to deploy across modern and distributed IT environments,” said Darren Guccione, CEO and Co-founder of Keeper Security. “Security leaders are aligned on the need for zero trust and better identity protection but many are constrained by the tools, time and support available to them.”
Keeper helps organizations close this gap by enabling zero trust adoption, enforcing least-privilege access and defending against modern identity-based threats. Its unified PAM platform delivers the visibility, automation and control needed to meet today’s evolving cybersecurity challenges.
View the full Keeper infographic: Identity Security at Black Hat 2025.
