As Credential-Based Attacks Soar, Identity Threat Detection and Response Becomes Critical to Secure Access

Passwords remain one of the weakest links in cybersecurity. According to Verizon’s 2024 Data Breach Investigations Report, 80% of breaches stem from compromised credentials. In addition, IBM’s Cost of a Data Breach Report adds that 90% of successful cyberattacks and 70% of data breaches originate at endpoint devices, indicating that friction in the login process can lead to risky workarounds like credential sharing among end users. These realities underscore the urgent need for identity-centric security strategies that protect access without compromising usability.

As digital environments grow more complex and adversaries scale attacks faster with AI-powered automation, traditional perimeter defenses are no longer enough. The FBI reports a 9% increase in ransomware attacks against critical infrastructure in 2024, particularly in healthcare, manufacturing, and energy. Security teams are confronted with rising operational friction, burnout, and risk from legacy systems. To stay resilient, experts are urging organizations to move beyond siloed tools toward integrated identity and access management (IAM).

“Modern cybersecurity demands more than control. It demands confidence in every user, device, and application that keeps the business running,” said Imprivata Chief Product Officer Chip Hughes in a recent Imprivata blog.

That confidence increasingly comes from Identity Threat Detection and Response (ITDR) capabilities that enable continuous risk assessment, proactive anomaly detection, and automated mitigation across the access lifecycle. Reflecting this evolution, Imprivata recently announced its acquisition of Verosint, a leader in ITDR solutions.

“Understanding risk is an essential component of a modern access management solution, and this acquisition allows us to deliver greater value to our customers at a faster pace,” said Imprivata CEO Fran Rosch, highlighted in a recent HIT Consultant article. “By integrating Verosint’s risk engine into our platform, we advance our broader vision of a comprehensive, passwordless access ecosystem.”

The move reflects a broader industry shift toward intelligent, identity-driven access management, where risk assessment, response, and continuous identity intelligence form the backbone of secure digital transformation. For mission-critical organizations, it represents a pivotal step toward next-generation, passwordless access and stronger enterprise-wide protection.

Read the press release to learn more about the integration of Verosint ITDR with Imprivata Enterprise Access Management.