Cloud Security

The rise of human and machine identities drives security policies in organizations [Report]

The rise of human and machine identities drives security policies in organizations [Report]
Written by ga_dahmani
The rise of human and machine identities drives security policies in organizations [Report]

The rise of human and machine identities drives security policies in organizations [Report]
brooke.crothers
Mon, 06/27/2022 – 17:31

‘Explosion’ of machine identities

Identity-related breaches continue to be a “massive threat” to organizations as they try to manage the growing number of identities, IDSA said.

DevOps Connection: DevSecOps @ RSAC 2022

The overwhelming majority (98%) of identity and security professionals say that the number of identities in your organization is on the rise due to the rise of machine identities, cloud adoption, and third-party relationships (see infographic below).

“Managing identities is becoming increasingly complicated for organizations … with the continuation of remote work, the rise of contractor and third-party relationships, and the explosion of machine identities,” Julie Smith, executive director of IDSA, said in a statement.

key takeaways

Identity growth continues, making identity a top security priority

  • 98% reported that the number of identities is increasing, primarily driven by cloud adoption, third-party relationships, and machine identities.
  • 94% said identity investments are part of strategic initiatives including cloud adoption (62%), Zero Trust implementation (51%) and digital transformation initiatives (42%).
  • 64% of respondents say managing and securing identity is one of the top three priorities of their security program.

Identity-related attacks are on the rise and shocking, but preventable

  • 84% of respondents said they experienced an identity-related breach in the past year.
  • 78% cited direct business impacts as a result of the breach, including recovery costs and reputational damage.
  • 96% reported that they could have prevented or minimized the breach by implementing identity-centric security outcomes.

Investments in safety outcomes remain a work in progress, lack of focus on the basics

  • 97% reported that they plan to invest in identity-centric security outcomes.
  • 51% typically remove a former employee’s access within a day, but only 26% always do so
  • 43% believe implementing multi-factor authentication (MFA) would have made a difference in preventing breaches
Identity and investment in Zero Trust

As the traditional network perimeter has eroded, identity has emerged as a security strategy focus for many enterprises, underscored by the fact that 64% of respondents said managing and securing identity is among the top three priorities.

This, in turn, is stimulating investment. A full 94% of identity and security professionals said their identity program had been included as an area of ​​investment in strategic initiatives in the past year related to cloud, Zero Trust, vendor management, digital transformation, and cyber insurance .

“Whether it’s to better control who accesses cloud resources or implement Zero Trust to enforce the principle of least privilege for a growing army of providers, many organizations see identity as too important a puzzle piece to ignore,” the report said.

Source: Identity Defined Security Alliance

Multi-factor authentication jumps to the top of the list

Multi-factor authentication (MFA), in the context of a “mitigation strategy,” jumped to the top of the list in breach prevention. Forty-three percent believed that implementing MFA for all users would have made a difference. The next most common responses were more timely reviews of privileged access (41%) and continuous discovery of all user access rights (34%).

lax deprovisioning

Accounts that no longer have valid owners present opportunities for attackers to abuse the trust and privileges granted to previously legitimate users, IDSA said.

“For this reason, they leave organizations particularly vulnerable to disgruntled former employees who may want to steal data or take other malicious actions,” the report says.

“Other threat actors can take advantage as well, as these accounts may not be compliant with security policies and lack an owner who can tell their account is being misused.”

Only 51% of organizations in the survey said they typically remove a user’s access to corporate systems the day (35%) or the day after (16%) the employee leaves.

Related Posts:

About the author

ga_dahmani

Leave a Comment