How The Channel Can Help Security Teams Battle An Identity Crisis
By Peter Geytenbeek, Delinea
Identity is undoubtedly one of the most critical security challenges facing organizations today. The majority of cyberattacks exploit compromised user accounts to gain initial system access, and an increasing number of threat actors use these compromised identities to move laterally and access critical systems and data without detection.
Recent research from Delinea delved into the current state of identity security and highlighted the key challenges and priorities ahead. While most firms regard identity as an important security issue and have taken steps to mitigate risks, many have yet to properly integrate identity solutions and subsequently have critical gaps in their defenses.
The channel is ideally placed to help solve the identity crisis by filling these gaps. Those that can act as trusted advisors for securing user identities, as well as connecting customers with the right solutions, have a powerful opportunity to establish themselves as valuable strategic partners.
Integrating Identity Into The Security Stack
Delinea’s research found that most organizations now understand the importance of protecting privileged identities as a security priority, and good progress was being made in connecting Identity and Access Management (IAM) tools with areas like IT service management and automation.
However, many organizations are struggling to implement the right tools and processes to mitigate identity-based threats. In particular, most respondents had yet to make critical integrations between IAM and other key security elements.
Only a quarter had linked IAM with Multi-Factor Authentication (MFA), and a similar number had integrated it with their Active Directory system. Just 18 percent had connected with their Security Information and Event Management (SIEM) capabilities.
This lack of integration makes it more likely that there will be blind spots in the organization’s identity security capabilities, creating gaps that threat actors could find and exploit to avoid visibility.
Channel partners can introduce their customers to best-in-breed identity security solutions but, more importantly, also can ensure that different solutions which protect against identity-related breaches are integrated. Resellers with extensive portfolios can achieve huge deals with comprehensive suites of solutions, while service providers can offer strategic advice and expertise to facilitate integrations across the stack.
Focusing On Privileged Security
Digital identities with privileged system access should be one of the greatest priorities for all identity security strategies. These accounts are a key target in most cyberattacks as they enable threat actors to deploy a range of powerful capabilities. Privileged accounts, such as those of system administrators and developers, can be used to access the most sensitive and mission-critical data and systems, as well as alter logs to cover up malicious activity.
Encouragingly, the majority of enterprises Delinea surveyed had made good progress around privilege access controls, with 63 percent having deployed measures such as Privileged Access Management (PAM) for their users.
However, only just over half of the respondents had applied the same controls for their non-human application identities. Many organizations overlook the fact that their systems similarly require access provisions to human user accounts. These automated service accounts can likewise be discovered and compromised by threat actors to gain a foothold and escalate privileges for lateral movement.
Channel partners, again, have a valuable strategic opportunity here, as they can help educate customers about the risks posed by unsecured automated accounts, as well as provide them with quality PAM tools that will protect them. For example, Delinea offers a free tool that can automatically scan and detect service accounts with privileged access, enabling partners to make their customers aware of the true scale of the issue.
Getting The Board On Side
Finally, the channel has an important role to play in helping CISOs convince their boards of the importance of identity security.
Just over a third of respondents (37 percent) said that security was well understood by their board of directors and that it was viewed as an enabler for better business operation. While it is encouraging to see a growing number of senior executives realize that security is an enabler rather than a barrier, the majority still need convincing.
A third of respondents stated that their board did acknowledge the importance of identity security but only thought about it in terms of regulatory compliance. Similarly, we have found that many firms are motivated primarily by their cyber insurance premiums.
This is perfectly understandable since enterprises have a great many conflicting priorities on their agenda, and there is a particular need to be cost-aware in these challenging economic times. Security is just one of many issues to budget for, and identity is just one element of security. No wonder then that many boards may be more focused on achieving compliance than the wider security and business benefits.
CISOs know that most breaches involve compromised identities, so focusing on identity security is the best way to reduce the risk of a multi-million-pound incident. Channel partners can help drive this agenda by providing security heads with cost-effective solutions to solve the problem. MSSPs in particular can package IAM- and PAM-as-a-service, transferring the cost from a big CAPEX investment to a more manageable monthly OPEX fee.
Identity will continue to be at the center of cyber risk for the foreseeable future. Those channel partners that can provide their customers with the tools, expertise, and support needed to help solve the identity crisis will be well placed to provide more strategic value and seize a powerful market opportunity.
About The Author
Peter Geytenbeek is the Director of EMEA Channel and Distribution at Delinea.