Enabling Identity Threat Detection and Response (ITDR) for In-Progress Attacks, with PAM
Today’s enterprises focus on cloud-first and rapid development initiatives to speed the deployment of new applications. While these activities often do deliver on speed, they also generate many more identities across the organization. More human identities are needed to manage accounts on new systems, and machine identities are provisioned to enable automation to manage inter-system communication and operation. All of these identities must be identified, onboarded, secured, and managed.
Yet the reality is that this surge in the number of identities is frequently coupled with a lack of visibility into the depth and breadth of permissions given to these accounts. It is much easier to over-entitle an identity and its accounts at account creation time. This naturally leads to more entitlements than the work requires, and this is a threat vector for malicious actors.
It’s clear that tracking cloud-access entitlements is difficult. Many of the cloud providers’ native tools are still opaque and lack cross-platform visibility, making it difficult to assess the true effect of the combination of entitlements.
In the face of this complexity, many companies simply hope they are doing the right thing. This represents a largely unidentified, yet powerful threat. The analysts agree. Gartner predicts that by the end of 2023, 75% of cloud security failures will result from inadequate management of identities, access, and privileges, up from 50% in 2020…
The Cyber Hut Comment: BeyondTrust are a leading PAM provider and have created an article focused on the emerging area of ITDR (Identity Threat Detection and Response) - and an associated list of best practices to get started.