Publish date: 02.12.22

Willie Sutton, the American bank thief is supposed to have answered a question about why he robbed banks by saying, “That’s where the money is.” Cybercriminals think the same way. So ask yourself: What and where is the most valuable data that your organisation has?

Previous Blog: #2 Digital Supply Chain

Is it customer financial information? Employees National Insurance numbers? Personally identifiable information? Company strategic and competitive planning?
In fact, it’s none of those. It is the data stored in your identity and access management (IAM) system — the credentials and role-based controls and configurations – which, if successfully stolen, can give cybercriminals easy access to all the other types of data listed above and much more.

A new category of security

According to Gartner, there have been multiple detected instances of sustained attacks on corporate IAM systems. This is the reason why they’ve coined the new term “Identity Threat Detection and Response” (ITDR) to describe the various strategies, tools, and best practices to defend your IAM system from what they call “endemic levels” of attack.

Just like any solution or system implemented to improve security, newly popular multifactor authentication and Zero Trust Access control systems can actually enlarge your attack surface. If the system contains any unpatched vulnerabilities, you can be sure that threat actors will try to exploit them. And when it comes to identity and access control systems, the threat is magnified precisely because of the extremely high-value data they contain.

So ITDR capabilities are critically important. Just like your network or endpoint detection and response capabilities, ITDR tools help you to inspect systems and discover compromise, provide analytic capabilities to help you evaluate and optimise policies, and help you manage and remediate security incidents when they occur.

Building cybersecurity on a strong foundation

IAM systems are clearly a foundational element of any organisation’s cybersecurity infrastructure, one which is required to even obtain a cyber insurance quote. The fact that investment in advanced IAM has risen swiftly over the past few years reflects a recognition of that fact, as well as being a response to the dramatic growth of remote work and increasing reliance on SaaS and other cloud-based services.

Implementing a strong set of ITDR (also called IAM security) strategies and tools simply makes good sense, and we see this trend playing out.

However, it’s also important to ensure that the IAM system you adopt in the first place is provided by a highly reputable and reliable vendor. With the growth of software supply chain threats, it’s especially important to know that your IAM vendor employs development processes that embody supply-chain security at every stage (Gartner trend #2—find out more here). They should make minimal use of third-party software components and require full accountability and secure development practices all the way up the supply chain. They should have a solid record of providing timely updates and patches for all their products – just like Barracuda’s very own CloudGen Access.

At Xeretec we can help you explore an array of vendors in this space to help secure or firstly implement your IAM strategy. For more information, please get in touch here.