The scale and cost of security breaches have nearly doubled over the last year, according to recent findings from PWC.
In fact, a shocking 9 out of 10 large organisations now admit to suffering some form of security breach. Companies need to know how to mitigate this risk and how to respond quickly to contain the damage when breaches like these do happen. In light of the evolving threat landscape, Darran Rolls, Chief Technology Officer at SailPoint, takes a look at the year to come with his three big predictions for enterprise security:
1. Businesses will evolve from network-centric to user-centric security
With data breaches on the rise, it is clear that today’s network-centric security is necessary but insufficient in helping today’s businesses stay secure. Disruptive technologies like cloud and mobile have changed the way users work and share data beyond the perimeter of the enterprise. At the same time, hackers have increased their focus on the human attack vector, targeting their attacks on employees, contractors, partners and the entire supply chain of business execution. Often these attacks take advantage of basic flaws in the execution and control of account and password management processes to gain access to legitimate accounts and systems for illicit purposes.
In order to prevent or minimise data breaches tied to insider accounts and access, it is critical that businesses adopt a user-centric approach to security in 2016 and beyond. That means adopting a comprehensive identity and access management program that provides a single, unified view of, and automated control over, all applications, all users and all access.
2. Consumer data breaches affect enterprise security posture
Seemingly benign consumer-facing data breaches are exposing organisations to increased risk. Just look at the Ashley Madison attack from this year. Many of the site’s registered users signed in with corporate email addresses – and it has been shown that many of those users employed the same password across personal and professional applications. This put their employer’s data at risk when their consumer-facing credentials were exposed.
Every consumer breach potentially exposes unrelated organisations in this same way, and hackers are very aware of that. Businesses must go forward this year prepared to respond with user education and rapid remediation when breaches are publicly reported. Employees need to know the importance of not reusing passwords across applications and systems. Further, when the next big consumer data breach does happen (and we know that it will), enterprises must respond quickly to assess the risk posed to their internal business operations, and respond appropriately.
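The response the article calls for, as an added example that is not part of the original piece or SailPoint's software: when a consumer breach is publicly reported, match the exposed addresses against the corporate directory and produce a remediation plan (forced reset, session revocation, MFA enrolment, escalation for privileged users). The directory, the corporate domains and the breach notice are constructed sample data; the address normalisation rules and the action wording are assumptions for illustration.

```python
"""Triage a publicly reported consumer breach against a corporate directory.

Added example, not SailPoint code. All inputs below are constructed.
"""
from __future__ import annotations
from dataclasses import dataclass

# Assumption: the domains this enterprise owns.
CORPORATE_DOMAINS = {"example.com", "example.co.uk"}


@dataclass(frozen=True)
class Employee:
    email: str
    privileged: bool = False    # holds admin or privileged system access
    mfa_enrolled: bool = False


# Constructed directory and constructed breach notice (addresses only).
SAMPLE_DIRECTORY = [
    Employee("Alice.Smith@example.com", privileged=True, mfa_enrolled=True),
    Employee("bob@example.com"),
    Employee("carol@example.co.uk", mfa_enrolled=True),
]
SAMPLE_BREACH_NOTICE = [
    "alice.smith+dating@Example.com",   # sub-addressed corporate mail
    "BOB@example.com",
    "dave@example.com",                 # no active account: possibly a leaver
    "someone@gmail.com",                # not our domain, ignored
    "carol@example.co.uk",
]


def normalise(addr: str) -> str:
    """Canonicalise an address so dump entries match directory entries:
    lower-case, trimmed, and with '+tag' sub-addressing removed."""
    addr = addr.strip().lower()
    local, _, domain = addr.partition("@")
    local = local.split("+", 1)[0]
    return f"{local}@{domain}"


def corporate_addresses(notice: list[str]) -> set[str]:
    """Keep only addresses on domains the enterprise owns."""
    return {a for a in map(normalise, notice)
            if a.partition("@")[2] in CORPORATE_DOMAINS}


def affected_accounts(notice: list[str], directory: list[Employee]):
    """Pair each exposed corporate address with its directory entry
    (None when no active account matches)."""
    by_email = {normalise(e.email): e for e in directory}
    return [(addr, by_email.get(addr))
            for addr in sorted(corporate_addresses(notice))]


def remediation_plan(notice: list[str], directory: list[Employee]) -> dict[str, list[str]]:
    """Map each exposed corporate address to ordered remediation actions."""
    plan: dict[str, list[str]] = {}
    for addr, emp in affected_accounts(notice, directory):
        if emp is None:
            plan[addr] = ["verify address: no active account (check leaver records)"]
            continue
        actions = ["force password reset", "revoke active sessions and tokens"]
        if not emp.mfa_enrolled:
            actions.append("require MFA enrolment")
        if emp.privileged:
            actions.insert(0, "priority: privileged user, notify security operations")
        plan[addr] = actions
    return plan


if __name__ == "__main__":
    for addr, actions in remediation_plan(SAMPLE_BREACH_NOTICE, SAMPLE_DIRECTORY).items():
        print(addr, "->", "; ".join(actions))
```

The point of the normalisation step is that breach dumps rarely carry addresses in the exact form the directory holds them; without it, the sub-addressed and mixed-case entries above would be missed and the affected accounts left unremediated.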
3. Security focus turns from prevention to detection and response
As a security community, we’re also experiencing a shift in overall focus from prevention to detection and response. As we continue to move towards a user-centric security model, it’s our job to manage the relationships between accounts, access and data. Understanding and managing these relationships is critical to overall situational awareness and security threat detection. Identity management also provides the technical capability to rapidly respond to a security situation by changing or revoking the access for any user or any privileged system account.
These IAM controls are therefore a critical ingredient in an effective security program that strives to more rapidly detect vulnerabilities and breaches, and effectively respond to limit exposure.
Businesses must now stay ahead of the game
Businesses are running fast, and IT organisations in 2016 have to be three steps ahead. That means rolling out enabling technologies like single sign-on, strong multi-factor authentication, password management tools and employing good account management practices that automatically revoke access when it’s no longer needed. With an ever-increasing acceptance of mobile BYOD and everything it entails, IT departments must also employ this technology to ensure they are supporting employees while simultaneously managing the IT risks associated with an evolving mobile landscape.
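The "automatically revoke access when it's no longer needed" practice from the paragraph above, as an added example rather than code from the article or from SailPoint's products: a small policy check over access grants that flags revocations for leavers, expired contractor grants and entitlements that have gone unused. The grant records, the 90-day inactivity threshold and the reason strings are constructed assumptions for illustration.

```python
"""Decide which access grants are due for automatic revocation.

Added example, not SailPoint code. Records and thresholds are constructed.
"""
from __future__ import annotations
from dataclasses import dataclass
from datetime import date, timedelta

# Assumption: entitlements not exercised for this long are revoked.
UNUSED_AFTER = timedelta(days=90)


@dataclass(frozen=True)
class Grant:
    user: str
    resource: str
    user_active: bool           # False once HR records the person as a leaver
    expires: date | None        # contractor or project end date, if any
    last_used: date | None      # None means never used since it was granted
    granted: date


# Constructed sample grants, evaluated as of a fixed date.
TODAY = date(2016, 1, 15)
SAMPLE_GRANTS = [
    Grant("alice", "finance-db", True, None, date(2016, 1, 10), date(2015, 3, 1)),
    Grant("bob", "finance-db", False, None, date(2016, 1, 12), date(2015, 3, 1)),
    Grant("carol", "vpn", True, date(2015, 12, 31), date(2016, 1, 14), date(2015, 9, 1)),
    Grant("dave", "crm-admin", True, None, None, date(2015, 9, 1)),
    Grant("erin", "crm-admin", True, None, date(2015, 12, 1), date(2015, 1, 1)),
]


def revocation_reason(g: Grant, today: date) -> str | None:
    """Return why the grant should be revoked, or None to keep it.
    Checks are ordered so the strongest reason wins."""
    if not g.user_active:
        return "user deactivated (leaver)"
    if g.expires is not None and g.expires < today:
        return "grant expired"
    # A grant never exercised is judged from the day it was granted.
    reference = g.last_used or g.granted
    if today - reference > UNUSED_AFTER:
        return f"unused for more than {UNUSED_AFTER.days} days"
    return None


def revocations_due(grants: list[Grant], today: date) -> list[tuple[str, str, str]]:
    """List (user, resource, reason) for every grant that should be removed."""
    due = []
    for g in grants:
        reason = revocation_reason(g, today)
        if reason is not None:
            due.append((g.user, g.resource, reason))
    return due


if __name__ == "__main__":
    for user, resource, reason in revocations_due(SAMPLE_GRANTS, TODAY):
        print(f"revoke {resource} from {user}: {reason}")
```

Run as a scheduled job, a check like this turns the joiner/mover/leaver process into something enforced by the system rather than remembered by an administrator; the leaver rule is evaluated first because a deactivated user's access must go regardless of how recently it was used.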
If the increasingly frequent news of large-scale data breaches has proven anything for businesses in 2015, it’s that there is no longer a question of whether an organisation will be breached, but rather how and when.
By using identity and access management systems that put identity at the centre of the security strategy, enterprises can enhance their threat detection capabilities and lower their overall attack surface. With executives, board members, consumers, employees and partners unified in their concern over security controls, companies that proactively build on internal identity management will come out on top in 2016 and beyond.
Darran Rolls, chief technology officer at SailPoint