Identity security has an automation problem, and it is bigger than you think

For many organizations, identity security appears to be under control. On paper, everything checks out. However, Cerby’s new research, based on insights from over 500 IT and security leaders, reveals a different reality. In fact, less than 4% of security teams fully automate their core identity workflows.

Core workflows, such as enrolling in multifactor authentication (MFA), keeping credentials secure and up to date, and revoking access the moment someone leaves, are often manual, inconsistent, and error-prone. And when security execution depends on memory or follow-up, gaps appear fast.

Human error is one of the biggest threats to enterprise security. Verizon’s 2025 data breach report found that the human element was involved in 60% of breaches. The same manual failures that led to breaches ten years ago still expose identity systems today. Cerby’s 2025 Identity Automation Gap research report shows how widespread the problem is and how far automation still has to go.

The last mile still depends on error-prone human action

The data reveals a persistent reliance on human behavior for tasks that should be automated throughout the identity security lifecycle.

  • 41% of end users still share or update their passwords manually, using insecure methods such as spreadsheets, emails, and chat tools. These passwords are rarely rotated or monitored, increasing the likelihood of credential misuse or compromise.
  • Almost 89% of organizations rely on users to enable MFA manually in applications, even though MFA is one of the most effective security controls. Without enforcement, protection becomes optional, and attackers know how to take advantage of that inconsistency.
  • 59% of IT teams handle user provisioning and deprovisioning manually, relying on ticketing systems or informal follow-up to grant and remove access. These workflows are slow, inconsistent, and easy to overlook, leaving organizations exposed to unauthorized access and compliance failures.

Organizations can’t afford to wait

The consequences are no longer hypothetical.

According to the Ponemon Institute, 52% of companies have experienced security breaches caused by manual identity work in disconnected applications. Most of them experienced more than four. The downstream impact was tangible: 43% reported losing customers, and 36% reported losing partners.

These failures are predictable and preventable, but only if organizations stop relying on humans to do what should be automated. Identity is no longer a background system. It is one of the main control planes of enterprise security. As the attack surface grows and threat actors become more sophisticated, the automation gap becomes harder and riskier.

Why the automation gap persists

Why do these manual gaps exist when automation is so important to identity security? They emerged as a by-product of rapid growth, application sprawl, and fragmented infrastructure.

  1. Disconnected applications are everywhere, and they do not support the common identity standards required for integration with existing providers. The majority of enterprise applications fall into this category, and the number continues to grow. They span all business functions and are packed with sensitive data.
  2. IT and security teams assume tools = coverage. Today’s environments span SaaS, mobile, cloud, and on-prem systems. Shadow IT continues to grow faster than anyone can track, as each business unit brings its own stack. Achieving full control across all applications remains extremely elusive.
  3. Stopgap solutions do not scale. Password managers, manual scripts, and other vaulting tools are difficult to maintain and often create fragmented infrastructure. Where integrations do not exist, they are frequently patched together, but these fixes are expensive to build and fragile to maintain. What starts as a workaround soon becomes an ongoing operational burden.

Closing the automation gap

The good news: closing the automation gap does not require rebuilding or replacing the identity stack. It means completing it.

Advanced organizations bring automation to every corner of the application ecosystem without waiting for native integration. Some teams are exploring AI agents to fill this gap. But trust is still evolving: 78% of security leaders say they don’t trust AI to fully automate core identity tasks, yet 45% support a collaborative human-in-the-loop model.

Cerby gives organizations the flexibility to support both approaches, providing automation where your teams need it most.

Cerby’s research report, the 2025 Identity Automation Gap, includes findings from over 500 IT and security leaders, as well as practical steps to close one of the most overlooked risks in enterprise security.

Download the full report or schedule a 15-minute demo to see how Cerby brings automation across your entire identity surface.
