IAM is hot: How to stay cool and help your business think ahead

We heard from a number of June office hours attendees that you wanted more info about the Delinea platform and our broader focus on identity. In response, our head of Customer Marketing, @leslie.wiggins wrote the following piece to set the stage for why we’re moving in a platform direction and in a few weeks, we’ll follow up with a webinar featuring our Product Manager @justin.harris. Let us know what else you want to know about this overarching shift toward Identity Access Management (IAM).

IAM is hot: How to stay cool and help your business think ahead

For years, Security Information and Event Management (SIEM) has captured and held most of the C-level and business attention when it comes to cybersecurity. However, the landscape has been changing - business environments have been transforming and shifting to cloud and hybrid environments, remote work and remote access by 3rd-party vendors have become the norm, and attackers have grown savvier and more focused – shifting to the highest-value targets. Identity – and how securing identities can help protect sensitive and regulated data – has become a major focus and a hot topic. Last year, a staggering 90% of organizations reported an identity-related breach, according to the Identity Defined Security Alliance. Unfortunately, most organizations’ identity security strategies have not kept pace with the changing landscape.

As a result, the Identity and Identity and Access Management (IAM) space has been heating up. As was recently reported in the 2024 X-Force Threat Intelligence Index, the use (or abuse) of valid accounts was the top initial access vector. The same report stated that “84% of critical infrastructure incidents [occurred where the] initial access vector could have been mitigated with best practices such as asset and patch management , credential hardening, and principle of least privilege.”

Identity is the first line of defense

It’s not surprising, then, that Gartner has reported in Top Trends in Cybersecurity for 2024, “As of 2023, IAM is the second most popular topic of discussion by SRM [Security and Risk Management] leaders who use Gartner’s client inquiry service.” Identity really has become – and should be –the first line of defense, and Identity teams need to be prepared to anticipate and respond to expanding business needs and pressures. With the rising excitement and expectations around IAM, it’s important to go back and review which Identity Security capabilities are being used, where gaps exist, and how silos may be raising risk.

Do you have silos?

Siloed security tools and tools that only protect Identities in one location create headaches for security teams, including limited visibility into and lack of control of the environment, time-consuming manual effort to address risks and issues, and inefficiencies across the broader cybersecurity team. The shift to Cloud has caused security issues to proliferate, as many organizations have not applied Identity Security (or other security) protections to cloud environments. The damage that the silo between on premises and Cloud environments is reflected in the 2023 Ponemon Cost of a Data Breach study, which reported that 82% of breaches involved data stored in the cloud – public, private, or multiple environments.

It’s important for organizations to step back and evaluate Identity programs and make sure solutions are centralized and integrated, providing visibility and control across use cases and environments.

Have you considered the world beyond vaulting?

Many security teams still equate Identity Security to vaulting. Although vaulting is an important foundational step within Identity Security programs to securely store and manage authentication credentials and sensitive information, other areas of Identity security also need to be considered when putting together a successful Identity Security program. Let’s consider two challenging areas tied to Identity Security: Remote access and privilege access management.

Many different people and applications depend on remote access today – from employees, business partners, and suppliers to IT and support teams. The challenge is that remote access also creates another attack vector – and it’s one that hackers are eager to use: PropertyCasualty 360 reported that 58% of recent ransomware incidents exploited a remote access vulnerability. It’s important to harden your environment and use modern methods to secure remote access. The VPN approach is not able to keep up anymore, as they can expose networks to threats, such as malware, spoofing attacks, and DDoS attacks, and can increase risk.

On the privilege access management side, according to research done by Dimension Research (Identity and Access Management: The Stakeholder Perspective), 72% of organizations report it takes a least a week for a typical worker to get a privileged identity provisioned with access to required systems (causing a delay in productivity), and 50% of the enterprises report it usually takes three days or longer to revoke access: That’s a long time to leave access open to sensitive business applications and systems. If privilege access management is a gap, this is another area that Identity Security teams should evaluate and create a plan to address.

Modernize & move forward
It’s time for Identity Security teams to level up and modernize. A modernized Identity Security program should proactively work to eliminate silos and gaps. It should enable security teams to focus on higher value activities and more proactively protect the business. Gartner also highlights “IAM infrastructure must change to deepen its support for security functions. Much of traditional IAM infrastructure in use today is overly complex and has significant gaps.” (Gartner: Top Trends in Cybersecurity for 2024). When the right Identity capabilities, spanning authorization and access, come together in a tightly integrated and highly scalable way, context can be built around identities and data to provide greater insights and protection. It’s at this point that identity security teams can stop focusing on the care and feeding of separate Identity tools and focus on high value and high visibility areas.

In the past, “Identity” just meant controlling access in a binary way: Allow/Deny. However, as bad actors have become increasingly savvy – using valid accounts as a top initial access vector to land and expand – it has become imperative for identity teams to consider and implement authentication and authorization as part of fundamental Identity hygiene to on-premises, cloud, and hybrid environments.

Today, many teams use vaulting to securely store and manage privileged credentials and sensitive information. This is a critically important first step on the journey to a robust identity security program. However, vaulting should be the beginning of your journey; not the end . Strong Identity Security requires including other capabilities along with vaulting, and your organization’s specific business and security priorities should determine the sequence of adoption. Some areas that are straightforward to adopt, yet carry a lot of impact, include:

• Expanding to protect the Cloud :
  Some organizations move from traditional vaulting, where on-premises identities are discovered and credentials are vaulted, to also supporting discovery and vaulting of cloud identities and credentials. This helps reduce the attack surface and provides greater visibility and protection.
• Beefing up security related to remote access:
  As mentioned above, remote access has become a fact of life. VPNs have been popular in the past, but their ability to secure organizations is immature. Many organizations are looking for greater simplicity, more sophisticated authorization capabilities, and vault integration.
• Broadening into threat detection and response:
  Other organizations are motivated by their CISOs, in particular, to focus on threat detection analytics and speeding response. Leveraging continuous monitoring, being able to support privileged behavior analytics across networks, and having the ability to integrate identity threat detection results into the bigger security environment have been key motivating factors for these organizations.

A world-class identity posture doesn’t happen all at once. Think through the modernization path that will work best for your organization and move in a stepwise manner: Demonstrate phased success, gain acknowledgement and support from business leaders, and then grow into the next phases. Delinea’s cloud-native Identity Security platform empowers you to adopt the capabilities you are ready for, when you are ready for them, while benefiting from tight integration and massive reliability and scalability.

The Delinea Difference

Delinea enables effective Identity-first security, delivered via a cloud-native, elastic and scalable platform. The platform provides:

• Visibility & control to discover all identities, vault and manage credentials across cloud and on-premises environments

• The ability to harden the environment to provide secure access and to secure assets

• Governance & dynamic authorization, providing seamless authorization policies and controls and AI-driven auditing

• Threat detection analytics & response capabilities to detect and address identity threats in real time

By planning ahead and anticipating what will be needed, you can stay cool as Identity Security heats up. Delinea can help you evaluate and adopt expanded Identity security capabilities and augment vaulting initiatives to provide more comprehensive Identity Security for your organization. To learn more, join the upcoming customers-only Secret Society webinar.