Study Exposes Alarming Cybersecurity Threats and Staggering Costs Tied to Nonfederated Applications

SAN FRANCISCO, April 24, 2023 /PRNewswire/ — Cerby, the cybersecurity leader in protecting applications that lack support for identity and security standards, known as nonfederated or unmanageable applications, today released the results of a new study conducted by the Ponemon Institute.

Cerby issued the new study and its findings at the RSA Conference 2023 in San Francisco, where the world talks security. Cerby is exhibiting at RSA with the Microsoft for Startups program, an ecosystem that supports and advances the most innovative and urgently needed emerging solutions in cybersecurity. The complete report can be downloaded here.

The results of this new study unveil dangers and costs linked to nonfederated applications. Due to the lack of support for identity standards, these applications are not capable of being managed with identity providers. Organizations face a ticking time bomb as the growing prevalence of unmanageable applications amplifies cybersecurity and financial risks. The findings underscore the urgent need for organizations to confront looming cybersecurity risks and the economic consequences of these applications’ widespread use and mismanagement.

Key findings include:

Decentralized Management: A Recipe for Disaster
63% of respondents admit business units, rather than security and identity teams, control granting and revoking access to nonfederated applications. This dangerously decentralized approach to application management opens the door to devastating cybersecurity risks. 52% of respondents experienced a cybersecurity incident due to nonfederated applications. 63% reported a minimum of 4 – 5 incidents.

Skyrocketing Costs Squandered on Provisioning and Deprovisioning
The data shows crushing costs and time spent provisioning and deprovisioning access to applications spiraling out of control. Organizations are burdened with two significant costs when it comes to nonfederated applications. The first cost is related to staffing, specifically provisioning and deprovisioning, which totals $648,000 annually. The second cost is the financial impact of cybersecurity incidents involving nonfederated applications, which requires an average of $292,500 annually for investigation and remediation.

Dangers of Ignorance and Risk Underestimation
44% of respondents assert that management remains ignorant of the cybersecurity risks of nonfederated applications. However, 82% acknowledge the critical importance of securing these applications once enlightened about the perils.

“The Ponemon Institute’s research exposes the risks nonfederated applications pose to organizations,” said Bel Lepe, CEO and co-founder at Cerby. “By sounding the alarm on risks and costs, we aim to jolt organizations into action and encourage them to implement comprehensive processes and solutions that effectively address and mitigate these threats.”

To learn more about the research findings and how to combat the dangers of nonfederated applications, visit Follow us on LinkedIn and Twitter.

About Cerby

Cerby provides teams with the only comprehensive access management platform for nonfederated applications. Harnessing the power of identity providers, Cerby removes the need for enterprise password managers by extending single sign-on and lifecycle management capabilities to any application. Cerby’s patent-pending access orchestration engine is the first and only to make passwordless authentication an immediate reality for nonfederated applications. Cerby saves time and money by automating manual tasks, like offboarding and 2FA enrollment, and provides deep visibility and control of employee-onboarded applications. With Cerby, teams can extend access, minimize risk, and lower costs.

Jackie Lucas
Vera Voce Communications