Building Resilience Against Identity-Born Attacks

By Kiersten Putnam | Trace3 Senior Innovation Researcher

As most of us remember from last fall, the MGM breach was one of the most notable cyber-attacks in 2023. Perhaps most memorable about this attack was the path the hackers took to gain access to sensitive information and move laterally through MGM’s environment. They did so while collecting stored passwords and accessing apps through the Okta server. What this attack taught us is that there are many blind spots throughout the identity security lifecycle that attackers will leverage to perform lateral movement through on-premises and cloud environments.

MGM may be the most famous attack, but unfortunately we learned that other organizations experienced very similar social engineering attacks last year. These attacks are making headlines and placing more attention on organizations’ current identity security posture. Our team has made this one of our big themes for 2024 and, continuing Trace3’s Innovation Team 2024 Enterprise Technology Themes series, has created this blog to dive into the techniques for strengthening identity posture and overall security. Following our 2024 theme classifications, we are calling this theme both an investment and an adoption trend. Some of these identity security techniques are still emerging and will evolve as they mature. At the same time, more established use cases are gaining adoption as identity breaches raise concerns for organizations. Identity security is an interesting space, to say the least. To help elaborate on the areas of defense, we have broken this blog into sections, starting with identity basics and advancing into different security techniques.

Renewed Interest in Fundamental Identity Capabilities

When first responding to the news of these attacks, many organizations are starting with the basics: examining their current identity architecture and where it can be further enhanced. Below are the investment and adoption trends we are tracking across the identity fabric as a result of the push for increased identity assurance.

When considering authentication, it has long been understood that the password is not the most secure form of authentication. To strengthen this, our Innovation team has noticed an adoption trend in passwordless authentication, basing authentication on something a user knows, has, or inherently is. If you are interested in learning more about the passwordless trend, check out our blog on The Passwordless Boom.

Moving beyond authentication and into authorization brings us to the trend of adaptive access. Its just-in-time nature eliminates the concern of over-permissive access to sensitive information by granting users access to resources as they are needed and only for the time required. Both existing and emerging solutions are evolving to provide flavors of this just-in-time access for a variety of different resources.

Finally, it is important to note that identity assurance is not only needed in human identities but also within non-human machine identities. As a result, we are tracking investments in machine identity solutions that provide authentication from a variety of different angles, including secrets management, MFA for machines, orchestration, and so on.

Based on the distributed attack surface identity fabrics create, fundamental authentication and authorization capabilities are a natural place to continuously enforce identity assurance and enhance security against identity-based attacks. They will provide the building blocks for ensuring your users are who they say they are and decrease the likelihood of a breach. 

Surge of Interest in Identity Security Posture Management

Advancing past the fundamentals of identity, consistent visibility and gap analysis across the identity fabric is essential in providing timely context in the case of a breach. Identity security posture management is a term our Innovation team uses to describe the surge of investments and client interest in both identity hygiene and identity security solutions.

Creating consistent visibility and gap analysis may seem like a long-term goal. To help kick-start these efforts, solutions are providing a snapshot into the hygiene of your identity fabric. By aligning to internal data practices, identity hygiene solutions can identify metrics including excessive permissions, inactive privileged users, and lurking users. This gives organizations a great check on how their access management is performing and a prioritized list of areas to improve.

Moving beyond hygiene, security solutions are proactively identifying risks left by disparate identity tools. One use case gaining attention in this space is identity threat detection and response (ITDR). These solutions provide investigation into identity-based breaches and remediation recommendations. As the identity fabric is vast, so are ITDR capabilities, with solutions differing in their support across CIEM, XDR, and Active Directory.

When these use cases are combined, they can provide a holistic view into an organization’s identity security posture, hence explaining why our team analyzes them together. Although many of these use cases currently are stand-alone, our team expects they will be folded into larger identity suites as investments and adoption continue to rise.

Additional Supplemental Technologies

While enhancing fundamental identity capabilities and evaluating technologies specifically within the identity fabric may seem like the obvious answer to preventing identity-based attacks, other supplementary technologies are also important. These social engineering attacks demonstrate how humans and identities remain a weak link. To continue creating a defensive security strategy, security education will be essential to ensuring your workforce is aware of the latest attack techniques and ready to be your frontline defense. 

In Summary

In summary, identity attacks are on the rise. As these identity attacks become more and more common, our Innovation team is collecting the latest techniques to strengthen your identity fabric and provide guidance on security strategies. If you’d like to continue the conversation, feel free to reach out to us at innovation@trace3.com and continue following Trace3’s Innovation Team 2024 Enterprise Technology Themes series.


Kiersten Putnam is a Senior Innovation Researcher at Trace3.  She is passionate about new innovative approaches that challenge traditional processes across the enterprise. As a member of the Innovation Team, she delivers research content on emerging trends and solutions across enterprise cloud, security, data, and infrastructure. When she's not researching, she is either exploring the surrounding areas of Denver, Colorado where she lives, or planning her next trip abroad. 
