The road ahead for identity management
Image via Pixabay
The year 2023 has been a year marked by layoffs and budget cuts. In the U.S, there have been three major bank failures, and economic uncertainty continues worldwide. In the tech industry alone, there’s been more than 248,842 layoffs as of early November.
At the same time, ransomware attacks show no signs of slowing down and new threats are emerging all the time as we live more and more of our lives online. Critical infrastructure and systemically important enterprises, in particular, are under increasing attack. These are the functions of government and the private sector that are deemed so vital to their respective countries that their disruption, corruption or dysfunction would have a debilitating impact on security, national economic security or public health/safety.
As attacks continue, layoffs and economic uncertainty remains, and we live an increasing portion of our lives online, the greater the need for strong, modern identity management and governance.
The onslaught of increased security risk
Ransomware and other cyber-attacks continue to rise. The number of ransomware attacks increased by 78% from 2020 to 2021, according to Sophos's "The State of Ransomware 2022" report. Bad actors are becoming more emboldened and continue to innovate and find new methods for attack, not to mention new targets.
As mentioned, critical infrastructure has become a bigger and bigger target for cybercriminals — and such attacks against these sectors can have significant negative consequences.
Consider the attack against Colonial Pipeline in May 2021, which led to a temporary shutdown of almost half of the gasoline and jet fuel supply delivered to the east coast of the U.S., or the ransomware attack that same month against Health Service Executive, one of Ireland’s largest medical systems. That incident led to a temporary shutdown of the organization’s local and national networks, and confidential corporate data was stolen. These attacks have the potential to cause significant harm and they’re becoming more expensive, too. The average cost of a data breach was estimated to be $4.35 million in 2022, a 17% increase from 2020. Organizations have an imperative to protect their sensitive data and intellectual property and keep operations safe from interruptions caused by cyber-attacks.
The impacts of layoffs
Parallel to the ever-increasing cyber risk, we’ve seen an uptick in layoffs and job reductions at the global level amid economic uncertainty and recession fears.
There are three major security impacts that can result from this: For one thing, reducing staff headcount means you must do more with less. Secondly, during reorganizations you need to make sure that employees can seamlessly use the applications they need and at the same time access to data is appropriately restricted. A third problem stems from how access and privileges are managed, with regards to the off-boarding process.
When it comes to having fewer people to get more work done and keeping access rights up to date, this is a problem from all functions but especially security, which already suffers from a significant cybersecurity skills shortage — 3.4 million jobs remain unfilled worldwide. How do you ensure you can administer the proper security and maintain compliance?
IT environments that need to be protected are getting increasingly complex, and due to increasing collaboration and remote work, even more identities and access rights need to be managed. With fewer employees, especially if there are gaps in your security function, how do you ensure your organization can still be secure? And how do you ensure productivity? This can only be achieved by automating access management to the highest degree possible.
The second risk with layoffs and job losses stems from what access and privileges employees have. Aside from the regrettable fact that people have been let go is the fact that this can lead to security and compliance issues. Ex-employees who felt betrayed in the past — whether rightfully or wrongly — have sometimes used their insider access to cause chaos, exfiltrate data and commit other kinds of mischief following an incident.
Addressing the insider threat requires implementing a "least privilege" policy, which will be easier to do. Other risks will be reduced by clear joiner, mover and leaver (JML) processes, along with identity analytics that detect orphaned or stale accounts, enable better-informed judgments throughout access requesting, and trigger access reviews and other risk remediation processes.
Regaining control
All these challenges underscore the need for strong, automated Identity Governance and Administration (IGA) functions that can be tailored flexibly to the individual needs of an organization, and that can dynamically be adapted when the organization changes.
Policy-driven automation is needed to manage access rights for a large, dispersed workforce across a wide variety of systems and applications. This ensures that workers and contractors have access to systems when their duties require it or when new systems are made available.
Through the automation of the processes for provisioning and governing access, automated access management increases the efficiency of user administration. For example, during the onboarding of new workers, managers must make sure that they have access to the technologies they require on Day 1. This is part of the automation of business processes driven by changes to human resources data.
Recertification is another function that is a great use case for automation. Doing it manually requires an enormous amount of time spent on collecting all the access rights, collecting the result, and fixing the holes in the systems that the managers have detected. That's an enormous amount of time and effort being spent on recertification. Automating this process can improve productivity significantly.
Getting hybrid infrastructures under control
Today’s IT infrastructures are increasingly hybrid, combining on-premises environments and cloud environments, which need to be controlled. Cloud subscription models enable fast on- and offboarding of applications and bring additional dynamics that need to be managed by IT and IT security.
Organizations must move to a Zero Trust model, for which strong identity management is a backbone. The concept of "zero trust" is based on the idea that everyone should be treated with suspicion, regardless of a network perimeter. As a result, it’s a strategy that is designed to safeguard data flows, perform reliable authentication and define authorizations thoroughly.
Identity security amidst uncertainty
As the world approaches the end of 2023, it has already experienced a wave of layoffs and budget cuts. But organizations can’t let security and identity management take a hit moving forward. As cyber-attacks rise, so does the possibility of insider threats by disgruntled former employees. Now more than ever, organizations must stay on their security toes by implementing strong, flexible and automated IGA functions.
