The National Cybersecurity Alliance and the Identity Defined Security Alliance (IDSA), present the first 'Identity Management Day,' an annual awareness event which will take place on the second Tuesday in April each year.
To celebrate the inaugural Identity Management Day, we sat down with Julie Smith, executive director, IDSA to discuss what the day means to the industry and how identity management has shifted to become a critical role in cybersecurity in recent years. Don't forget to use #IDMgmtDayChat to join the conversation.
"Due to the sensitivity of organizational identities and the nature of today’s threat landscape, I firmly believe identity management should take the No.1 priority spot in order to improve security posture."
Tell us a bit about IDSA's mission and how NCSA supports that mission.
The Identity Defined Security Alliance (IDSA) is a nonprofit that provides vendor-neutral education and resources to help organizations reduce the risk of a breach by combining identity and security strategies. The mission of Identity Management Day is to educate business leaders, IT decision makers and consumers on the importance of identity management and key components including governance, identity-centric security best practices, processes, and technology, with a special focus on the dangers of not properly securing identities and access credentials. As part of the day, the National Cyber Security Alliance (NCSA) will provide guidance for consumers, to ensure that their online identities are protected through security awareness, best practices and readily available technologies.
What makes identity management critical to an overall security posture? Where should it rate on the list of priorities for organizations in 2021?
Identities consist of all humans and non-humans, such as virtual machines, applications and more, in a network. Digital identities within an organization can include employees, contractors, third parties, customers, consumers, machines, and more. The proper management of these identities is critical to overall security posture because identity is the key into a network and a company’s sensitive data. Due to the evolving threat landscape, most hackers are now logging in instead of penetrating firewalls or other similar network defenses. By getting lazy with logging existing identities, removing credentials once an employee leaves, or not reinforcing standard passwords with other tools such as multi-factor authentication (MFA) and the likes, all an adversary has to do is log in.
Due to the sensitivity of organizational identities and the nature of today’s threat landscape, I firmly believe identity management should take the No.1 priority spot in order to improve security posture. Organizations have been left with distributed security teams in the wake of the transition to remote work, and adversaries are well aware of this fact. By hiding in plain sight with legitimate credentials, it can take analysts days, weeks, or even months to find the intruder within their walls. When you prioritize identity and identity management from day one, hackers will not have the chance to get access to the network in the first place.
What has changed in the threat landscape in the past few years - that has impacted identity strategies?
The Verizon Data Breach Investigation Report consistently finds that about 80% of hacking-related breaches leverage stolen and/or weak passwords. The IDSA’s research last year showed that over 90% of organizations have had an identity-related attack, a number which was echoed by Centrify’s research just last month.
COVID-19 has most certainly exacerbated the problem with over 60% of business decision makers anticipating COVID-themed phishing attacks to increase throughout the duration of 2021. Research has also shown that phishing, which can be a gateway to stealing legitimate users’ credentials, remains a big issue throughout the pandemic. More than three-quarters of individuals admit to opening emails from unknown senders, with over half blaming it on the fact that phishing emails are more realistic than ever. Combined with the fact that many security teams are still distributed, COVID-19 has made minimizing identity sprawl and protecting the identities themselves more challenging than ever before.
What are organizations typically lacking when it comes to their identity strategy?
The vast majority of data breaches making headlines are the result of poor identity management. Twitter, Marriott, Nintendo…the list goes on. These breaches often leverage weak identity management, such as weak or previously compromised passwords, not leveraging multi-factor authentication and single sign-on or leaving standing privileges open.
In short, organizations often leave the keys to the most critical parts of their kingdom available for the taking. More often than not, attackers will target individuals with access to the most sensitive information, so that they can do the most damage. These are known as privileged users.
Attackers also use a compromised identity to infiltrate privileged, highly-protected systems and then move laterally gaining elevated permissions. In addition to following identity security best practices, organizations should also invest in a privileged access management (PAM) solution that allows for higher assurance during an authentication event based on the current profile of a user, the sensitivity of the data and the elevated permissions being used.
Where can organizations find more information on identity management strategies and their importance?
The IDSA and NCSA both have valuable vendor-neutral advice on our websites.
Identity Management Day Hub: www.identitymanagementday.org
IDSA Website: https://www.idsalliance.org/
NCSA Identity Management Day Resources: https://staysafeonline.org/identity-management-day/
In addition, organizations can participate in a number of interactive events on Identity Management Day.
The day-of events will include:
The unveiling of the first-ever ‘Identity Management Awards
Identity Management Day panel webcast at 10 a.m. MT. Panelists will include: myself, Kevin Coleman, executive director, NCSA, Stephen Lee, VP, technical strategy and partnerships, Okta, and Thomas Malta, head of IAM, Navy Federal Credit Union.
A webinar from the NCSA on identity management and security best practices for the SMB audience at 12 p.m. MT.
#IDMgmtDayChat on Twitter at 1 p.m. MT, hosted by the NCSA (@StaySafeOnline).
Organizations can also rely on the IDSA blog year-round for the best advice on identity management.