Identity Governance and Administration (IGA) is becoming increasingly critical as organizations face growing cybersecurity threats, complex compliance requirements, and the challenges of managing hybrid cloud environments. Omada recently surveyed over 500 IT and business leaders to assess the state of IGA in 2025, providing valuable insights for organizations looking to stay ahead.

Growing investment in cybersecurity

The survey revealed that nearly 90% of organizations increased funding for IT security teams over the past year, reflecting the rising importance of protecting sensitive data and systems. At the same time, 64% of respondents reported purchasing Cyber Liability Insurance to help mitigate the financial impact of potential breaches.

Challenges with current IGA solutions

Despite increased investment, many organizations still face significant hurdles with their IGA programs:

• Nearly 40% have not yet deployed modern SaaS-based IGA solutions.
• 60% report that restrictive total cost of ownership (TCO) limits the effectiveness of their current solutions.
• Manual processes for user onboarding, offboarding, and access management remain time-consuming and prone to error.

These challenges highlight the need for efficient, scalable, and cloud-based IGA solutions that can reduce risk while improving operational efficiency.

AI and automation are game-changers

Time-consuming manual processes are driving organizations to prioritize AI and automation when selecting IGA solutions. Generative AI capabilities, in particular, are emerging as a key criterion, enabling organizations to:

• Streamline access reviews and policy enforcement
• Gain insights from user behavior and activity
• Reduce administrative overhead while improving compliance and security

Over-permissioned accounts remain a concern

Despite improvements, over 70% of organizations report that some users still have unnecessary access to critical systems. This underscores the ongoing need to enforce the principle of least privilege and strengthen identity governance to prevent potential security breaches.

Recommended actions for organizations

To stay resilient in the evolving cyber landscape, organizations should:

1. Conduct a thorough audit of existing IGA capabilities.
2. Implement role-based (RBAC) and attribute-based access controls
3. Invest in cloud-based, AI-powered IGA solutions that simplify access management and support regulatory compliance.
4. Automate identity lifecycle processes to reduce manual effort and improve efficiency.
5. Monitor and report on access activity continuously to detect anomalies and respond proactively.

See these insights in action at State of Cyber 2025

Omada will be presenting these findings and more at State of Cyber 2025, taking place on November 20, 2025, at The Mills, Antwerp. This event is designed for IT professionals, executives, and security leaders looking to understand the latest trends in cybersecurity, identity governance, and risk management.

Don’t miss the opportunity to learn from experts and network with peers across industries!