In the modern threat landscape, identity and privilege are at the forefront of cyberattacks. Organizations increasingly recognize they need more robust security measures, including identity-based security practices, to mitigate threats and safeguard their data and operations, says BeyondTrust Chief Security Officer Morey Haber.
“Previously, we were worried about vulnerability management, patch management, configuration management. As we shifted to the cloud, those things are still important, but we’re seeing threat actors go after identities…this has changed the landscape to make identities the first attack vector and what we should be caring for the most,” he says in an interview for CyberScoop.
To defend against these modern attacks, Haber recommends implementing identity and access management practices, including identity governance, privileged access management, single sign-on, and multi-factor authentication. He stresses the importance of holistic identity solutions that work seamlessly across on-premises, hybrid, and cloud environments.
“Organizations have to prioritize their identity strategy first to understand where all of their identity and account relationships exist, make sure they’re under proper governance for joiner mover lever processes, and then focus on those privileged accounts, the most sensitive ones within the organization to ensure that they are not leveraged inappropriately, and can’t be used to compromise a business,” he says.
That’s in part, he says, because attack vectors over the past decade have shifted from targeting vulnerabilities to focusing on identities and privileged accounts.
Haber also cites in the interview a real-world example where identity security practices helped detect and respond to a breach in a third-party support system.
“If you follow the news, you’re aware of an identity provider that recently had a security breach in their third-party support system. Having good identity security best practice in play, to monitor identities, their usage In their inclusion in privileged groups, and the potential loss of sensitive information in a third-party system is key.”
Learn more about using identity-based security practices more effectively with BeyondTrust.
This video interview was produced by Scoop News Group for CyberScoop and underwritten by BeyondTrust.