Strengthening cyber: Best IAM practices to combat threats

The 2024 *** government [link hidden] makes sober reading, with 70% and 74% respectively of medium and large businesses reporting some form of cyber incident within the previous 12 months.

With [link hidden] accounting for 84% of these attacks, and AI enabling the launch of increasingly sophisticated cyber campaigns, organisations need to defend themselves against attacks targeting two key vulnerabilities in their defences: insecure user accounts and human error. IAM needs to be a key part of an organisation's security posture against these threats.

Unfortunately, many organisations have inadequate [link hidden] and lack effective control and visibility of who has access to their resources. This creates a vulnerability that attackers actively target and exploit.

Organisations should combat this threat by establishing an identity-centric security approach that moves the security perimeter from the edge of the corporate network to the individual user. It reduces the risk of an attacker exploiting insecure identities by verifying and authorising every entity before any access is granted, and then permitting only the activity that entity is authorised to perform.

Identity-centric security needs to be at the core of an organisation’s cyber security posture. It is delivered through effective IAM governance, strong but proportionate access controls, user education, and proactive detection and response capabilities designed to rapidly identify and repel any breach. 

Reduce the ability of attackers to exploit accounts through effective IAM governance

An effective IAM governance framework for managing the end-to-end identity lifecycle is a key element in reducing the ability of attackers to successfully exploit an account to infiltrate an organisation's resources.

The first step is getting the basics right. At a minimum, regular recertification reviews should be performed to establish who has access to which resources and with what entitlements. Any account or access right that is not required should then be removed. This should be coupled with the enforcement of effective joiners, movers and leavers (JML) and access request processes, designed to give users only the access to resources they need to perform their roles.

This reduces the exploitable ******* surface by, for example, removing dormant or duplicate accounts and unnecessary access to resources. It should also deliver a single, traceable view of who has access to which resources, so that unauthorised access can be identified more effectively.

Enforce strong but proportionate access controls to reduce the risk of compromise 

As an organisation's users and their accounts will be actively targeted, it is necessary to enforce access controls that not only reduce the risk of a breach but, if an attacker does succeed, minimise their ability to exploit that access.

Organisations need to apply proportionally stronger controls according to risk. At a minimum, organisations should use Multi-Factor Authentication (MFA) tools and techniques. These include mobile authenticator apps using one-time passwords or biometrics, combined with controls that use contextual signals such as a user's location or the status of their device. Such mechanisms provide an additional layer of defence in the event that a user falls for a phishing email and hands an attacker their credentials.

In the event these defences are breached, the enforcement of a least privilege model, where users are only provided with the minimum entitlements required for their jobs, will limit the attacker's ability to exploit the compromised account. Building upon this, privileged accounts used for higher-level administrative activities must be kept separate and not used for daily business-as-usual work. Such controls impede an attacker's ability to move laterally across the network and reduce their ability to compromise an organisation's systems and data or deploy system-corrupting ransomware.

Use education to reduce the risk caused by ignorance  

Cyber attackers exploit ignorance and muscle memory with techniques such as MFA ******** (where attackers repeatedly spam the user with MFA requests until they accept), which is used to compromise credentials.

Education about these threats needs to be part of an organisation's defences. Measures include awareness campaigns on how to identify and respond to phishing emails, best practice, and the steps to take if users suspect they may have been compromised. This helps the workforce take pride in good cyber security and empowers them to do the right thing.

Use threat detection and response capabilities to reduce the impact of any breach 

Although effective IAM should be at the heart of the defence against cyber, phishing and ransomware attacks, it essentially provides a static defensive perimeter. Organisations must assume this will be breached and use their wider security operations capability to proactively deliver threat detection and response, including approaches such as Zero Trust.

Organisations should develop capabilities to detect and analyse signals that could indicate an attempted or existing compromise. Trend analysis of usage and breaches can be used to identify and close vulnerabilities. Threat detection tools (e.g. a SIEM capturing IAM and PAM logs) combined with established playbooks can, for example, reduce the impact of a successful phishing campaign by detecting and responding to anomalous activities such as attempts to escalate rights.
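As an added illustration of the detection logic this paragraph describes (example code, not from the original article), the following Python runs two simple rules over constructed IAM audit events of the kind a SIEM would ingest: the MFA push-spam pattern described in the education section, and privileged role assignments, which are raised to high severity when the same user was just flagged for MFA push-spam. The event fields, role names, window and threshold are assumptions; real log schemas differ.

```python
# Added example, not the article's code: two SIEM-style detection rules over
# constructed IAM audit events. Event shape (timestamp, user, type, outcome),
# role names and thresholds are assumptions for illustration only.
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: four denied MFA pushes followed by an approval,
# then a privileged role grant, is the pattern we want to surface.
SAMPLE_EVENTS = [
    ("2024-05-01T08:00:05", "alice", "mfa_push", "denied"),
    ("2024-05-01T08:00:31", "alice", "mfa_push", "denied"),
    ("2024-05-01T08:01:02", "alice", "mfa_push", "denied"),
    ("2024-05-01T08:01:40", "alice", "mfa_push", "denied"),
    ("2024-05-01T08:02:15", "alice", "mfa_push", "approved"),
    ("2024-05-01T08:05:00", "alice", "role_assign", "GlobalAdmin"),
    ("2024-05-01T09:00:00", "bob", "mfa_push", "approved"),
    ("2024-05-01T09:30:00", "bob", "role_assign", "Reader"),
]

PRIVILEGED_ROLES = {"GlobalAdmin", "DomainAdmin"}  # assumed role names


def parse(event):
    ts, user, kind, outcome = event
    return datetime.fromisoformat(ts), user, kind, outcome


def detect_mfa_fatigue(events, window=timedelta(minutes=5), threshold=4):
    """Return users who received >= threshold MFA pushes inside `window`
    where the last push in that run was approved (the push-spam pattern)."""
    pushes = defaultdict(list)
    for ts, user, kind, outcome in map(parse, events):
        if kind == "mfa_push":
            pushes[user].append((ts, outcome))
    flagged = set()
    for user, runs in pushes.items():
        runs.sort()
        for i, (start, _) in enumerate(runs):
            run = [r for r in runs[i:] if r[0] - start <= window]
            if len(run) >= threshold and run[-1][1] == "approved":
                flagged.add(user)
    return flagged


def detect_privilege_escalation(events, fatigued_users):
    """Flag privileged role assignments; severity is 'high' when the user was
    also flagged for MFA fatigue, since that suggests an account takeover."""
    return [(user, outcome, "high" if user in fatigued_users else "medium")
            for _, user, kind, outcome in map(parse, events)
            if kind == "role_assign" and outcome in PRIVILEGED_ROLES]
```

Running `detect_privilege_escalation(SAMPLE_EVENTS, detect_mfa_fatigue(SAMPLE_EVENTS))` produces a single high-severity alert for the user whose MFA approval followed a burst of denials, which is the playbook trigger the paragraph has in mind.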

A coherent identity-centric security approach needs to be a core part of an organisation's defences if it is to successfully combat cyber, phishing and ransomware attacks. Combining high-quality identity data and technology services that control access to resources with proactive threat detection and response capabilities and user education is vital for a security posture designed to meet rapidly evolving cyber attacks.