"The stickiness of these next gen technologies is actually better than what we've ever heard in previous years. But, security still seems to be an afterthought," Morey Haber, CTO at BeyondTrust, emphasized.

The survey, which included respondents from technology (25%) and financial-based (15%) industries, found broad interest in NGTs, with 90% engaged with at least one. Sixty-three percent said digital transformation will have a somewhat to extremely large effect, followed by DevOps (50%), AI (42%) and IoT (40%).

The survey also found cloud transformation accelerating. Respondents indicated 62% of workloads are on-premises, with 15% in a public cloud, 11% in private clouds and 8% in SaaS applications. In three years that changes dramatically: on-premises (44%), public cloud (26%), private cloud (15%), and SaaS (12%).

The survey reported 78% cited the security risks of NGTs as somewhat to extremely large. One in five experienced five or more breaches related to NGTs, while 52% of breaches occurred because of excessive user privileges.

The research also learned security issues, because of NGTs, happen at an alarming rate with 18% of indicating they had a breach related to NGTs in the last 24 months that resulted in data loss, 20% experienced a breach that resulted in an outage, and 25% seeing breaches that triggered a compliance event. One in five experienced five or more breaches.

The study showed more than half the time, breaches occur due to trusted users doing inappropriate things for innocent reasons, 13% indicated it happened "often" or "all the time." In 18% of the cases, trusted insiders went rogue, and in 15% of the cases, outsiders gained privileged access to steal credentials. In each case – excessive privileges are to blame.

"Some are really considering privileges and security; and others are basically treating it like other hype technologies where there are plenty of breaches and incidents because security has not been baked in as organizations are embracing these technologies," Haber articulated.

More than 80% said that privileged access management facilitates the move to next-generation technologies. Top PAM practices include controlling and governing privileged and other shared accounts (60%, 59%, respectively), enforcing appropriate credential usage (59%), and creating and enforcing rigorous password policies (55%). All survey respondents said they employed at least one PAM-related best practice to avoid NGT problems with privileged access.

"It is encouraging to see that organizations understand the benefits that privileged access management can deliver in protecting next generation technologies, but there are more best practices to employ," Haber said. "The survey affirms that security should be at the forefront of new technology initiatives, otherwise, organizations can experience serious financial, compliance, and technological ramifications later on."

Haber spoke of the vulnerability of credit unions and other institutions with the creation of new financial products such as the impending WhatsApp Payments, reportedly delayed as parent company Facebook fights fears over privacy.

Haber offered as an example what happened with some early Apple Pay fraudulent transactions using stolen phones to buy Apple products. The problem apparently linked not to the device's compromised security, but to sloppy authentication methods used by financial institutions to verify cards loaded to iPhones for Apple Pay purchases.

"So where did that money come from? Ultimately someone's bank account," Haber pointed out. He explained for some smaller credit unions, whether they choose to allow the connections into any of these new technologies is up to them. "I don't know what would stop them if say WhatsApp or another tool can be connected."