Identity-based cyberattacks have had massive repercussions, with news of access breaches dominating headlines. According to the Identity Defined Security Alliance (IDSA), 84% of firms experienced an identity-related breach in 2021, with 78% suffering direct impact.
Why are identity-based cyberattacks the leading cause of breaches? One key reason may be that identities go beyond just human. Machine identities outnumber human ones by 45 times on average, notwithstanding that the average employee has more than 30 identities.
Findings from SailPoint’s latest research may surprise many: it revealed the composition of identities businesses need to manage, with machine identities making up 43% of all identities for the average enterprise, followed by customer identities (31%) and employee identities (16%).
Reining in the identity sprawl
With the total number of identities projected to grow by 14% over the next 3 to 5 years, businesses need smarter tools to adeptly manage the identity sprawl while securing against the latest threats. 50% of respondents in our survey indicated they have already implemented artificial intelligence/machine learning (AI/ML) models to boost their capabilities, or have plans to do so in the next two years, to drive real-time detection of digital identities.
What are my 2023 predictions?
Identity security will be at the forefront of network defenses in the new year. As more businesses gear up to combat 2023’s ever-mutating threat landscape, here are 5 key predictions organizations need to be aware of, to strengthen their security posture.
Identity-based cyberattacks will be the leading cause of security breaches
Over the years, the illegitimate use of credentials has become the ubiquitous vehicle for breaches, responsible for 48% of breaches in 2021, up from 37% in 2017. The Colonial Pipeline 2021 ransomware attack, going down in history as the largest publicly disclosed cyber-attack against critical infrastructure in the US, was the result of a compromised virtual private network (VPN) password for a defunct account which was not deactivated.
Hackers stole 100Gb of data within a two-hour window, shutting down more than 8,800km of pipeline which supplies almost half of the fuel for the East Coast.
The adoption of cloud-based apps and services has seen the exponential growth of shadow IT, where employees use IT systems, devices, software, apps and services without explicit IT approval. While employees see this as a way to work efficiently, the flip side is that what IT is unaware of, it can neither support nor secure. With identity management the first line of defence, CISOs need 360-degree visibility into unmanaged apps to ensure a comprehensive identity security picture, the starting point of an effective strategy.
Zero Trust starts with identity security
Zero Trust, a security framework which relies on the principle of “never trust, always verify”, is gaining popularity in today’s security landscape across the globe. Delivering timely access with least privilege enforced, it grants just-enough access based on roles and policy logic.
An effective zero trust program needs to be anchored on identity security to automate the identity lifecycle, manage the integrity of identity attributes, enforce least privilege through dynamic access controls and role-based policies, and ensure absolute Separation of Duties (SoD). Access needs to be continually assessed to ensure strict governance and timely response to access risks, powered by advanced technologies such as AI and ML.
Organizations should steer away from relying on basic authentication methods like single sign-on and multi-factor authentication (MFA). According to Forrester, a robust zero-trust framework needs to move beyond passwords to know thy user; know thy permissions; and monitor, audit and trace. It needs to start at ground zero with identity security at its core.
Securing non-human identities is the future of Identity and Access Management
Machine identities provide a digital attack path for adversaries as they are often left exposed when organizations don’t adopt the tools required to control access, authorize and validate identities. With the GSMA predicting 25 billion connected devices by 2025, it is no wonder that over 50% of organizations find it challenging to protect their machine identities today.
In addition, for an effective centralized identity security strategy across the information technology (IT) infrastructure, global organizations need an orchestrated effort to adeptly protect all types of identities. In contrast, a piecemeal adoption of Identity and Access Management (IAM) tools would open up pathways for attackers to compromise systems.
Cloud complexities drive demand for identity security in the cloud
With the accelerated adoption of hybrid cloud driven by the pandemic, 38% expect more serious cyberattacks via the cloud in 2023. Businesses should exercise high caution after the SolarWinds attack, another breach which saw attackers compromise Active Directory Federation Services (the Microsoft single sign-on service) in an on-premises environment.
This opened a backdoor to the cloud-based Microsoft 365 accounts of thousands of SolarWinds government and enterprise clients, who were integrated into the single sign-on credentials.
To deploy and scale one’s identity governance program, there is a need to consider SaaS platforms. SaaS models are designed to help organizations with flexibility, enhanced security, and automation, while reducing workforce disruption, providing cost savings and driving value within a shorter time. More importantly, a cloud-based SaaS solution empowers businesses with the agility to innovate quickly to meet the fast-evolving customer needs of today.
AI/ML-driven identity security is the way forward
It is too risky for firms to offer access to their technology resources without first bolstering each access point with clear identity security controls. AI/ML-driven identity security provides 360-degree visibility, detection, and remediation, so enterprises can stay ahead of the threat curve with confidence. For example, AI-driven identity security from SailPoint leverages trusted data intelligence to proactively discover, manage, and control all user access.
With trusted intelligence and frictionless automation, backed by comprehensive integration, firms are empowered to easily and securely remove or reinstate access when an employee joins, changes roles or leaves the company, all without any human interaction, which greatly simplifies the onboarding and offboarding process for joiners, movers, and leavers.
By automating the discovery and remediation of anomalous identities and high-risk access permissions, businesses can look forward to cutting operational costs for IAM by up to 30%; reducing data breach costs by up to 80%; and enhancing overall user productivity with savings of up to 11,000 hours, and more. Looking beyond adopting AI-based identity solutions for compliance, an AI-driven identity security approach can be a vital enabler.
How mature is your identity security program?
It’s crucial to know where your firm stands across the 5 horizons of identity security. With 55% of firms still relying on manual processes to adjust access and 45% of firms at the start of their identity journey (horizon 1), there is great potential to gain exponential benefits when building a comprehensive, AI-enabled identity security strategy. It is time to eradicate any potential digital attack paths before threat actors gain a foothold. Take the assessment.
Chern-Yue Boey is the Senior Vice President, Asia Pacific at SailPoint.