From Risk to Resilience: Advancing Identity Security to Reduce Cyber & Compliance Risk

Organizations today face excessive cyber risk and regulatory pressure, with identity-related breaches accounting for the vast majority of security incidents. As compliance requirements multiply—growing from just 25 identity-related regulations in 2010 to over 135 today—businesses struggle to keep pace while still relying on fragmented, manual identity systems. The PwC and SailPoint identity maturity model reveals how organizations evolve across five horizons, from basic, fragmented programs to advanced, AI-driven governance. Along this journey, businesses that embrace automation and intelligence see reduced risk exposure, stronger compliance alignment, and measurable improvements in resilience. Yet with fewer than 2% of organizations reaching the highest maturity stage, the opportunity for transformation is significant.

Key Takeaways:

• Rising stakes: 90% of breaches are identity-related, while machine identities already account for 40% of all organizational identities.
• Escalating compliance pressure: Regulatory requirements have increased more than fivefold in the past decade, with 32% of leaders prioritizing compliance in cyber budgets.
• Maturity advantage: Organizations in Horizons 3–5 show higher security performance, with Horizon 3 companies achieving 50% higher NIST CMMI scores and Horizon 4 leveraging AI for new use cases.
• Transformation potential: Only 2% of organizations have reached Horizon 5, representing a major opportunity to strengthen security and compliance posture

Download the complete guide to explore where you are on the journey and how to accelerate progress.

White Paper from