As Cybersecurity Awareness Month (CSAM) begins this October, government and private organizations in the United States, the European Union and around the world are promoting safe and secure digital behaviors. The 2022 theme of “See Yourself in Cyber” doesn’t just encourage consumers to #BeCyberSmart in protecting their personal identities and information — it also underscores the role each cybersecurity professional plays in defending their organization and strengthening the broader supply chain ecosystem against pervasive identity-based attacks and data breaches.
Security Practitioners, “See Yourself in Cyber” this CSAM by Reassessing Your Greatest Source of Risk
Though you live in this world year-round as a cybersecurity professional, you can still benefit from taking some time to assess your organization’s security posture and revisit the basics this month. Because the identity landscape is large, complex and continuously evolving, and while cyber hygiene practices are widely understood and accepted, this is where things still tend to fall apart.
When they do, human error is often in play: An employee of a third-party vendor falls for a sophisticated phishing attack, and workforce identities get compromised, or a short-staffed cloud team overprovisions cloud IAM permissions, giving machine identities more privileges than they need. Sometimes technology fails: Maybe a security solution wasn’t built for a hybrid environment, or maybe it “drifted” over time as the digital environment evolved. Or perhaps security fundamentals were skipped over for (what seemed at the time to be) more pressing transformation priorities. Despite many varying factors, it ultimately comes back to identity, as seen consistently in major breach headlines since this time last year, and the year before that, and the year before that…
See the Bigger Picture and Make a Bigger Impact with Identity Security
Protecting your organization from identity-based threats isn’t about turning on a new solution or holding a phishing awareness webinar to check a box and move on. It’s about thinking bigger and embracing a continuous, defense-in-depth strategy that targets each “layer” of risk with both proactive and reactive security controls, prescriptive guidance for security (practitioners and line of business), and cyber hygiene awareness and best practice adherence from individual users.
This is when Identity Security can help. Centered on intelligent privilege controls, Identity Security is a strategy encompassing people, processes and technology aimed at securing an organization’s most valuable digital assets. Identity Security takes a unified approach by enabling secure just-in-time and standing access for all identities — human and machine — as they access many resources across various complex environments, flexibility automating the identity lifecycle, and continuously detecting and protecting against identity-based threats.
The Four Pillars of Identity Security (Source: Identity Security: Why It Matters and Why Now)
Throughout the month of October, we’re publishing a series of posts highlighting learnings from recent breaches and offering practical guidance aligned with four key identity-centric behaviors identified by CSAM organizers:
- Enable multifactor authentication (MFA). Enabling seamless, secure access for all identities with adaptive MFA is an important piece of an Identity Security strategy, but it’s not the only one. And, as evidenced by recent MFA fatigue attacks and increasingly stringent cybersecurity insurance requirements, it’s not enough to have MFA technology in place — making sure it’s deployed and managed correctly and consistently is just as critical.
- Use strong passwords. It’s easy for threat actors to compromise identities through credential theft using tried-and-true methods such as credential stuffing and brute-force attacks. The mathematics of password cracking clearly shows no matter how many times you change your passwords (or mandate password resets across your organization), it won’t be enough. Why? For one thing, it won’t cover the numerous hard-coded credentials in your environment. Through a least privilege-lens, Identity Security blankets all types of passwords, credentials and secrets to significantly reduce the access of any compromised identity and limit the blast radius of an attack.
- Update software. Patching devices and systems to address security issues and fix bugs has long been a cyber hygiene fundamental. When the Log4j vulnerability entered the scene, this became even more critical. But what happens when an attacker successfully weaponizes a routine update — the very means by which organizations protect themselves — to gain a foothold, compromise identities and abuse privileged credentials to access valuable assets, à la SolarWinds? Updating software today requires a careful balance between automation and manual effort, while always assuming breach and working to contain risk with multiple Identity Security layers.
- Recognize and report phishing. By carefully studying human behavior and underlying motivations and weaknesses, cyberattackers are, in many ways, the ultimate psychologists. Instead of using this knowledge for good, they exploit people’s natural tendency to trust, and no matter how strong an organization’s technological defenses may be, sophisticated phishing and social engineering attacks often succeed. This may be why 88% of security leaders agree that moving toward a “never trust, always verify” Zero Trust model is so important and why security teams increasingly view Identity Security as the most direct and efficient way to get there.
This Cybersecurity Awareness Month, our aim is to give IT and security professionals like you the Identity Security tips and tools needed to defend against today’s greatest source of risk, support Zero Trust adoption and maximize impact through a holistic approach. Check back soon for more CSAM content, and join us on Twitter, LinkedIn and Facebook to keep the conversation going.