Continuing our ongoing series of articles about the seven key trends identified in Gartner’s report “Top Trends in Cybersecurity 2022,” released to its clients last March, we turn our attention now to the third trend, Identity Threat Detection and Response.
In an oft-repeated but apocryphal quote, bank robber Willie Sutton is supposed to have answered a question about why he robbed banks by saying, “That’s where the money is.” Cybercriminals think the same way. So ask yourself: What and where is the most valuable data that your organization has?
Customer financial information? Employees’ Social Security numbers and other personally identifiable information? Company strategic and competitive planning? Patent applications under development?
In fact, it’s none of those. It is the data stored in your identity and access management (IAM) system — the credentials and role-based controls and configurations — the keys to the kingdom, which, if successfully stolen, can give cybercrooks easy access to all the other types of data listed above, and much more besides.
A new category of security
According to Gartner, there have been multiple detected instances of sustained attacks on corporate IAM systems. This is the reason why they’ve coined the new term “Identity Threat Detection and Response” (ITDR) to describe the various strategies, tools, and best practices to defend your IAM system from what they call “endemic levels” of attack.
Just like any solution or system implemented to improve security, newly popular multifactor authentication and Zero Trust Access control systems actually enlarge your attack surface. If the system contains any unpatched vulnerabilities, you can be sure that threat actors will try to exploit them. And when it comes to identity and access control systems, the threat is magnified precisely because of the extremely high-value data they contain.
So ITDR capabilities are critically important. Just like your network and endpoint detection and response capabilities, ITDR tools help you to inspect systems and discover compromise, provide analytic capabilities to help you evaluate and optimize policies, and help you manage and remediate security incidents when they occur.
Building cybersecurity on a strong foundation
IAM systems are clearly a foundational element of any organization’s cybersecurity infrastructure. The fact that investment in advanced IAM has risen swiftly over the past few years reflects a recognition of that fact, as well as being a response to the dramatic growth of remote work and increasing reliance on SaaS and other cloud-based services.
Implementing a strong set of ITDR (also called IAM security) strategies and tools simply makes good sense, and we see this trend playing out.
However, it’s also important to ensure that the IAM system you adopt in the first place is provided by a highly reputable and reliable vendor. With the growth of software supply chain threats, it’s especially important to know that your IAM vendor employs development processes that embody supply-chain security at every stage (Gartner trend #2). They should make minimal use of third-party software components, and require full accountability and secure development practices all the way up the supply chain. And they should have a solid record of providing timely updates and patches for all their products.
Do you want my personal, completely unbiased recommendation? Check out Barracuda CloudGen Access. It’s a Zero Trust Access solution that builds in decades’ worth of innovation and advancement in secure development, ease of use, comprehensive feature stack, and seamless integration with cloud platforms and services.
Tony Burgess is a twenty-year veteran of the IT security industry and is Barracuda’s Senior Copywriter for Content and Customer Marketing. In this role, he researches complex technical subjects and translates findings into clear, useful, human-readable prose.