The importance of identities in cyber security protection

With the total number of identities in a typical enterprise growing rapidly, providing secure yet easy access to resources is increasingly tough for security personnel.

Johannesburg, 20 Sep 2023
David Higgins, Senior Director, Field Technology Office, CyberArk.
David Higgins, Senior Director, Field Technology Office, CyberArk.

Digital adoption is clearly continuing at pace across a multitude of industries and business sectors, as business leaders aim to use the benefits of modern technology in order to unlock greater efficiencies and foster innovation. Of course, this impacts cyber security professionals, who – in the face of tightening budgets and increasing threats – are expected to do more, faster and with less than ever.

According to David Higgins, Senior Director, Field Technology Office at CyberArk, this is increasingly difficult, given their need to defend a rapidly expanding and unsecured identity-centric attack surface.

“It is clear that in most companies, investment in digital and cloud initiatives continues to outpace cyber security spending. Add to this the increasing number of threat vectors, driven by new approaches like hybrid working, and the old method of securing your boundaries or perimeters is no longer effective,” he says.

“Instead, identities – both human, in the form of employees, third-party users and customers, and machine such as applications, infrastructure, bots and workloads – are the first and last line of defence.”

Higgins notes that CyberArk’s 2023 Identity Security Threat Landscape Report offers a glimpse into the growth of identities as a key cyber security protection measure.

“The total number of identities in a typical enterprise in 2023 is expected to be 2.5 times what they had in the past year. For security professionals, it’s a demanding job to manage such large numbers of identities while making sure users can securely access resources at the right time, from anywhere, on any device.”

In fact, he says, the report surveyed 2 300 global security decision-makers, and around 99% stated they expect to face an identity-related compromise in the year ahead. They indicate the most likely causes of such a compromise will be economic-driven cutbacks, geopolitical factors, cloud adoption and hybrid working.

“The report also indicates that 63% of respondents said that the highest-sensitivity access for employees, such as IT administrators, is not adequately secured today. They also noted that credential theft remains the number one concern for cyber security practitioners.

“Many of these security teams are already understaffed and under-resourced, and nearly one-third of respondents add that gaps in cyber security skills further hinder security efforts. As corporate belt-tightening continues, respondents cite growing challenges across several distinct areas of identity security risk,” he says.

“The risk associated with people is one of these,” explains Higgins. “Humans are always a security challenge, and many incidents stem back to user error or intentional misuse. In fact, three-quarters of respondents are concerned about confidential information loss, stemming from employees, ex-employees and third-party vendors.”

A related challenge is workforce upheaval. “Some 68% of respondents say layoffs and higher levels of employee churn will create new security issues. For example, 58% report instances of exiting users saving sensitive or confidential work documents outside of policy.

“Every time an employee leaves, the IT team must remove access permissions from the various applications they used. Malicious actors, who are often former disgruntled employees, count on things slipping through the cracks during manual off-boarding processes. And from a security perspective, one wrongly provisioned or over-privileged account is all they need,” he adds.

“Machine identities outnumber human ones at a rate of 45:1, meaning there is a pressing need to secure them all quickly, but without impacting users,” continues Higgins. This is mainly due to increasing IT complexity, which in itself drives issues – two-thirds of security teams operate with limited visibility across their environment. Such a lack of visibility makes it difficult to understand not only who is accessing sensitive data and assets, but also what they are accessing.

Modern working practices also produce their own issues: “With the need for speed and flexibility inherent in software development, rapid innovation is often prioritised and software developers are given more access than required, making these human identities highly attractive targets. Nearly 40% suggest that development is the area where unknown, unmanaged identities create the most risk.

“Reports such as this demonstrate the on-the-ground issues that organisations around the world face in 2023," concludes Higgins. “It provides the ideal foundation for cyber security professionals looking to implement a zero trust approach, helping them to understand how forward-looking organisations are prioritising and tackling key areas of identity risk to amplify the security impact. Ultimately, having access to the right information can help your business to weather the current storm, avoid compounding levels of cyber security debt and face the future with increasing confidence.”