Thursday 28 Mar 2024
By
main news image

Identity-based cyberattacks have caused massive repercussions, with news of access breaches hogging headlines daily. According to Identity Defined Security Alliance (IDSA), 84% of organisations experienced an identity-related breach in 2021, with 78% suffering direct business impact. 

Why are identity-based cyberattacks the leading cause of security breaches? One key reason may be that identities go beyond just human. Machine identities are outweighing human ones by 45 times on average – not withstanding that the average employee already has more than 30 identities. Findings from SailPoint’s latest research may surprise many, as it revealed the composition of identities businesses need to manage as machine identities make up 43% of all identities for the average enterprise, followed by customers (31%), and employee identities at 16%. 

Reining in the identity sprawl 

With the total number of identities projected to grow by 14% over the next three to five years, businesses need smarter tools to adeptly manage the identity sprawl, while securing against latest threats. 50% of respondents in our survey indicated they have already implemented artificial intelligence/machine learning (AI/ML) models to boost their capabilities or have plans to do so in the next two years, to drive real-time detection of digital identities. 

Identity security will be at the forefront of network defenses in the new year. As businesses gear up to combat 2023’s ever-mutating threat landscape, here are 5 key predictions organisations need to be aware of, to strengthen their security posture. 

2023 predictions

1. Identity-based cyberattacks will continue to be the leading cause of security breaches 

The illegitimate use of credentials has become the ubiquitous vehicle for breaches, responsible for 48% of breaches in 2021, up from 37% in 2017. The Colonial Pipeline 2021 ransomware attack, going down in history as the largest publicly disclosed cyber-attack against critical infrastructure in the US, was the result of a compromised virtual private network (VPN) password for a defunct account which was not deactivated. Hackers stole 100Gb of data within a two-hour window, shutting down more than 8,800km of pipeline which supplies almost half of the fuel for the East Coast. 

The adoption of cloud-based apps and services have seen the exponential growth of shadow IT, where employees use IT systems, devices, software, apps and services without explicit IT approval. While employees see this as a way to work more efficiently, the flip side is that: what IT is unaware of, they cannot support nor ensure its security.

With identity management becoming the first line of defence, chief information security officers (CISOs) need to ensure 360-degree visibility into all unmanaged apps and devices, to ensure a comprehensive identity security picture – the starting point of any effective identity security strategy.  

2. Zero Trust starts with identity security

Zero Trust, a security framework which relies on the principle of “never trust, always verify” is gaining popularity in today’s security landscape. Delivering timely access with least privilege enforced, it grants just-enough access based on roles and policy logic. 

An effective zero trust programme needs to be anchored on identity security to automate the identity lifecycle, manage the integrity of identity attributes, enforce least privilege through dynamic access controls and role-based polices, and ensure absolute Separation of Duties (SoD). Access needs to be continually assessed to ensure strict governance and timely response to access risks, powered by advanced technologies such as AI and ML.

Organisations should steer away from relying on basic authentication methods such as single sign-on and multi factor authentication (MFA). According to Forrester, a robust zero-trust framework needs to move beyond passwords to know thy user, know thy permissions and consistently monitor, audit and trace. In a nutshell, it needs to start at ground zero with identity security at its core. 

3. Securing non-human identities is the future of identity and access management (IAM) 

Machine identities provide a digital attack path for adversaries as they are often left exposed when organisations do not adopt the tools required to control access, authorize and continuously validate identities. With the GSMA predicting 25 billion connected devices by 2025, it is no wonder that over 50% of organisations find it challenging to protect their machine identities today.
 
For an effective centralised identity security strategy across the IT infrastructure, organisations need an orchestrated effort to adeptly protect all types of identities. In contrast, a piecemeal adoption of IAM (identity and access management) tools would open up gangways for attackers to compromise systems. 

4. Cloud complexities drive demand for identity security in the cloud

With the accelerated adoption of hybrid cloud driven by the pandemic, 38% expect more serious cyberattacks via the cloud in 2023. Businesses should exercise high caution after the SolarWinds attack, another recent prominent cybersecurity breach, which saw attackers compromising an active directory federation services (Microsoft single sign-on service) in an on-premises environment. This opened a backdoor to cloud-based Microsoft365 accounts of thousands of SolarWinds government and enterprise customers, who were also integrated into the single sign-on credentials. 

To effectively deploy and scale one’s identity governance programme, there is a need to consider Software-as-a-Service (SaaS) platforms. SaaS models are designed to help organisations with flexibility, enhanced security, and automation, while reducing workforce disruption, providing cost savings and driving value within a shorter time. More importantly, a cloud-based SaaS solution empowers businesses with the agility to innovate quickly to meet the fast-evolving customer needs of today. 

5. Identity security is business essential, with AI/ML-driven identity security as the way forward

It is simply too risky for organisations to offer access to their technology resources, without first bolstering each access point with clear identity security controls. AI/ML-driven identity security provides 360-degree visibility, detection, and remediation, so enterprises can stay ahead of the threat curve with confidence. For example, AI-driven identity security from SailPoint leverages trusted data intelligence to proactively discover, manage and control all user access. 

With trusted intelligence and frictionless automation, backed by comprehensive integration, organisations are empowered to easily and securely remove or reinstate access when an employee joins, changes roles or leaves the company, all without any human interaction, which greatly simplifies the onboarding and offboarding process for joiners, movers, and leavers. 

By automating the discovery and remediation of anomalous identities and high-risk access permissions, businesses can look forward to cutting operational costs for IAM by up to 30%; reducing data breach costs by up to 80%; and, enhancing overall user productivity with savings of up to 11,000 hours, and more. Looking beyond adopting AI-based identity solutions for compliance, an AI-driven identity security approach can be a vital business enabler.

How mature is your identity security programme?

It’s crucial to know where your organisation stands across the 5 horizons of identity security. With 55% of organizations still relying on manual processes to adjust access and 45% of companies at the start of their identity journey (horizon1), there is great potential to gain exponential benefits when building a comprehensive, AI-enabled identity security strategy from the ground up. 

It is time to eradicate any potential digital attack paths before threat actors gain a foothold within your organisation. 

Boey Chern-Yue is the senior vice-president of Asia-Pacific at SailPoint, a global provider of enterprise identity security solutions.

      Print
      Text Size
      Share