Solving the identity crisis in cybersecurity

Image by jcomp via Freepik

The evolving threat landscape is making identity protection within the enterprise a top priority. According to the 2022 CrowdStrike Global Threat Report, nearly 80% of cyberattacks leverage identity-based attacks to compromise legitimate credentials and use techniques like lateral movement to quickly evade detection. The reality is that identity-based attacks are difficult to detect, especially as the attack surface continues to increase for many organizations.

Every business needs to authenticate every identity and authorize each request to maintain a strong security posture. It sounds simple, but the truth is this is still a pain point for many organizations. However, it doesn’t need to be.

Why identity protection must be an urgent priority for business leaders

We have seen adversaries become more adept at obtaining and abusing stolen credentials to gain a foothold in an organization. Identity has become the new perimeter, as attackers are increasingly targeting credentials to infiltrate an organization. Unfortunately, organizations continue to be compromised by identity-based attacks and lack the awareness necessary to prevent it until it’s too late.

Businesses are coming around to the fact that any user — whether it be an IT administrator, employee, remote worker, third-party vendor or customer — can be compromised and provide an attack path for adversaries. This means that organizations must authenticate every identity and authorize each request to maintain security and prevent a wide range of cyber threats, including ransomware and supply chain attacks. Otherwise, the damage is costly. According to a 2021 report, the most common initial attack vector — compromised credentials — was responsible for 20% of breaches at an average cost of $4.37 million.

How zero trust helps contain adversaries

Identity protection cannot occur in a vacuum — it’s just one aspect of an effective security strategy and works best alongside a zero trust framework. To realize the benefits of identity protection paired with zero trust, we must first acknowledge that zero trust has become a very broad and overused term. With vendors of all shapes and sizes claiming to have zero trust solutions, there is a lot of confusion about what it is and what it isn’t.

Zero trust requires all users, whether in or outside the organization’s network, to be authenticated, authorized and continuously validated before being granted or maintaining access to applications and data. Simply put, there is no such thing as a trusted source in a zero trust model. Just because a user is authenticated to access a certain level or area of a network does not necessarily automatically grant them access to every level and area. Each movement is monitored, and each access point and access request is analyzed. Always. This is why organizations with the strongest security defenses utilize an identity protection solution in conjunction with a zero trust framework. In fact, a 2021 survey found that 97% of identity and security professionals agree that identity is a foundational component of a zero trust security model.

It’s time to take identity protection seriously — here’s how

As organizations adopt cloud-based technologies to enable people to work from anywhere over the past two years, it’s created an identity crisis that needs to be solved. This is evidenced in a 2021 report, which found a staggering 61% of breaches in the first half of 2021 involved credential data.

A comprehensive identity protection solution should deliver a host of benefits and enhanced capabilities to the organization. This includes the ability to:

Stop modern attacks like ransomware or supply chain attacks
Pass red team/audit testing
Improve the visibility of credentials in a hybrid environment (including identities, privileged users and service accounts)
Enhance lateral movement detection and defense
Extend multi-factor authentication (MFA) to legacy and unmanaged systems
Strengthen the security of privileged users
Protect identities from account takeover
Detect attack tools

Identity protection is sometimes seen as the last line of defense for organizations, which is why it should be a key component of an organization’s security posture. Organizations that revamp their identity security approach will be best positioned to stop breaches and maintain business continuity in an age of increased identity-based threats.

Mike Sentonas is CrowdStrike's Chief Technology Officer. Previously, he served as Vice President, Technology Strategy at CrowdStrike. With over 20 years’ experience in cybersecurity, Mike’s most recent roles prior to joining CrowdStrike were Chief Technology Officer – Security Connected and Chief Technology and Strategy Officer APAC, both at McAfee (formerly Intel Security). Mike is an active public speaker on security issues and provides advice to government and business communities on global and local cyber security threats.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.

Solving the identity crisis in cybersecurity

Why identity protection must be an urgent priority for business leaders

How zero trust helps contain adversaries

It’s time to take identity protection seriously — here’s how

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

Solving the identity crisis in cybersecurity

Why identity protection must be an urgent priority for business leaders

How zero trust helps contain adversaries

It’s time to take identity protection seriously — here’s how

Share This Story

Related Articles

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.