3 tips to help bridge the gap between identity and security teams
Every year, we see the lines continue to blur between IT, operations and security teams, with many functions traditionally sitting with the CIO that may be better suited with the CISO — or at least need a dotted line to the security team. One such function is identity. Identity and Access Management traditionally manages access to systems, databases, devices, the cloud, SaaS applications, remote access, multi-factor authentication (MFA) and account privileges rather than focusing on securing identities and identity infrastructure.
Everyone knows identity has become a business-critical service. But now, identity has come to the forefront of both the IT and security conversations. Some organizations still operate with an antiquated security ideology with an old-school security team mainly focused on endpoint protection and lacking the technology and expertise to confront the rapidly increasing identity threats. Recent research found that 83% of organizations have experienced a data breach involving compromised credentials — the prevailing view is that bad actors don’t break in; they just log in. IT and security leaders are grappling with how to stop identity-based attacks, how to work together successfully and what security gaps must be addressed to protect the business. They don’t know where to start.
With 2024 in full swing, IT and security leaders should use this time to jointly define and prioritize gaps between these two critical teams — to ensure the teams are jointly aligned and kick off the new year on the right track with a shared plan and strategy.
Have an open dialogue about risks and seek out ways to protect your identity infrastructure
Two different conversations typically happen in identity and security team meetings. Identity is focused on resiliency, stability, access availability and MFA. Security is focused on trust, likely attack vectors, identity protection and governance, misuse, credential management and anomaly detection. Hackers often exploit these gaps. Once the two teams establish a regular, open and honest dialogue, they can better understand each other. This alignment allows identity to understand and support the rising security risks, while security can support identity's needs, so that the two teams can collaborate on the best approach.
Identify, prioritize and close identity security gaps
Most businesses have hybrid, interconnected environments where users access both on-prem and cloud resources with the same credentials. While that is great for productivity, it increases the attack surface of both environments as a compromised user account on-prem can be used to access the cloud one, as well as the other way around.
Once lines of communication are established between the security and identity teams, a joint strategy should be developed that describes a set of common foundational principles (such as all accounts matter, there will be a single employee source of truth and MFA will be required). Create a common glossary of identity terms and a practical set of written security policies (practical and doable, not inspirational) to ensure clear communication between both teams and the business. Finally, create a joint technical roadmap and portfolio prioritization that reflects the foundational principles and policies and addresses the evolving business requirements.
Strive to implement a least privilege access approach in your identity infrastructure
Teams should create and institute written and technical policies that can aid in identifying users who may have excess resource access and enforce additional monitoring and protection measures on privileged accounts. It may require a bit more work up front, but identity and security teams will save themselves time in the long run and be better positioned to combat security events when they arise.
Bridging the gap between identity and security teams must be a top priority for the CIO, CISO and business leaders throughout 2024. Not only because a collaborative organization can alleviate security concerns and potential blind spots, but when different departments openly communicate, understand and appreciate their partner’s challenges, they will quickly and easily work towards the same goal, lifting up the entire organization.