Rich Turner, SVP EMEA, CyberArk
The accelerated rate of digital transformation that accompanied the Covid-19 pandemic shows no signs of abating. IDC predicts that 52% of global GDP will be driven by “digitally transformed” enterprises by 2023 and that, within another year, 51% of IT budgets will be focused on digital innovation and transformation.
With the deployment of long-term hybrid working models and enhanced data accessibility, this step change has generated tremendous benefits for both businesses and people. However, it has also introduced a slew of new concerns for cybersecurity teams, including an increased risk of skilled hostile actors successfully attacking businesses. In fact, according to our research, 78% of senior security professionals in the UK state that cybersecurity has taken a back seat in the last year in favour of accelerating other digital business initiatives.
This is only going to become worse as more devices, applications, and automation bots spread throughout enterprises. The same research suggests that machine identities now outweigh human identities by a factor of 39x, on average, and sixty-seven percent of non-humans or bots have access to sensitive data and assets.
These factors add up to a larger attack surface, making an even more accessible target for attackers wanting to take advantage of lax cybersecurity.
How can IT and security teams take control of the people, devices, and technology in their ecosystems to keep attackers at bay while the pressure on them grows? The answer is that they must move quickly and aggressively to reduce risks, elevating identity security to the forefront of their security strategy. This is why:
Securing identity goes beyond humans
Devices, programmes, and bots using a network, like humans – whether employees, partners, or customers – have linked identities and privileges that are ripe for exploitation. To enable secure, approved usage of data and applications, the amount of access and privilege granted to each identity must be monitored and managed.
This has long been the case, but when digital acceleration takes place, creation of identities happens at a scale that exacerbates many of the security issues which already exist within an organisation. Massive volumes of data – often sensitive data – for example, are required for artificial intelligence (AI) analytics to yield useful insights. This necessitates near-instant connectivity and communication across many diverse identities spanning applications, devices, people, and bots. If any of those identities are compromised, a malicious actor could enter an organisation’s network and use the privileges associated with that identity – whether it’s a human or not – to access what they should not be able to.
Changing your strategy for dealing with complexity
It’s challenging to manage this potentially vast threat surface, and it’s going to get more difficult. Organisations must modify the way they think about security as attackers continue to innovate, starting with a more aggressive approach to security measures.
The present digitalised and distributed world of remote work and cloud applications does not suit perimeter-based security, where organisations only allow trusted parties with the proper privileges to enter and leave. An infrastructure that is scattered across several private and public clouds, as well as on-premises locations, simply cannot be contained.
As a result, approaches like Zero Trust – which is based on the idea that organisations should not automatically trust anyone or anything – and identity security as a discipline, which incorporates Zero Trust principles at the scale and complexity required by modern digital business, have grown in popularity.
Zero Trust frameworks require anybody attempting to access an organisation’s infrastructure be validated each time before being granted access on a ‘least privilege’ basis, which is especially helpful in the context of the growing requirement to audit machine identities. Typically, they operate by collecting information about the user, endpoint, application, server, policies and all activities related to them and feeding it into a data pool which fuels machine learning (ML).
The advantage of this approach is that it can detect anomalous behaviour and unknown devices automatically, prompting the need for extra verification. Such machine learning technologies will help to shape the future of identity security and are already adding actionable analysis to bolster access controls.
Identity-first security to fuel innovation
When it comes to the spread of emerging technologies, identity security is the most effective way to ensuring access is under control. With the danger of a data breach already high, IT teams must adopt a new identity-based approach to security and employ techniques like ML to support these initiatives. This will allow security to work as a digital transformation enabler. Instead of trying to patch security holes after the fact, when it is often too late, adopting an approach that includes securing identities as an essential component of the plan means IT teams will be able to concentrate their efforts on ensuring digital transformation adds value to the overall organisation, stimulating innovation that adds to revenues and the bottom line.