Why ID Security Is Important

Ray Kafity, Vice President of META, Attivo Networks

Why ID security is crucial in a time of constant cyber threat and how to battle the threats 

Microsoft estimates that attackers target over 95 million Active Directory (AD) accounts every day, and unfortunately, this number is on the rise. Additionally, with the boost of hybrid work, organisations face the problem of tackling the increased instances of cyber-attacks as an after-effect. Identity-based attacks have become a primary tactic for many attackers. By stealing identities from within the organisation, attackers get access and move laterally throughout the network and cloud environments by impersonating authorised users. Active Directory provides a directory service that allows administrators to manage privileges and control access to resources throughout the organisation’s network, making it an integral part of its day-to-day operations. AD manages privileges and authentication, so the user base must be able to access it easily. Active Directory represents a key that can unlock ID and the rest of the network for an attacker. Therefore, having solid and secure ID security is essential for protecting the organisation against malicious attacks.

Why traditional Identity Solutions is not enough to withstand the modern attacker

Unfortunately, traditional identity solutions still allow room for potential attacks. Many conventional tools ensure that the right users have appropriate access and apply continuous validation, which is the basic principle of the zero-trust security model. However, identity and access management, which focuses solely on providing, connecting, and controlling identity access, is just the beginning of identity security. Protection needs to go beyond initial authentication and access control to include other aspects of identity, from visibility to exposure to attack detection, such as credentials, privileges, and the systems that manage them. Many attackers have discovered that AD is an evident but often ignored asset. When AD vulnerabilities combine with cloud misconfiguration trends, the need for additional layers of protection beyond deployment and access control becomes much clearer. The latest innovative Identity Exposure Visibility solutions provide essential insights into endpoint-stored credentials, Active Directory (AD) misconfigurations, and cloud entitlement overprovisioning. Identity Detection and Response (IDR) solutions are a relatively new category of technology that goes beyond traditional identity access management to detect and respond to identity-based attacks. It works in conjunction with Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), Network Detection and Response (NDR), and other similar solutions.

Why every organisation must update their Identity Security and how they best can do it

With the rise of identity-based attacks, organisations today must detect attackers exploiting, misusing, or stealing corporate identities. And especially with the expanding hybrid workforce, organisations must step up their cyber security to ensure that their security stays top level. This need is especially true as organisations race to adopt the public cloud, and human and non-human identities continue to grow exponentially. It is vital to detect identity-based activity with modern IDR solutions, as attackers exploit credentials, leverage Active Directory (AD), and attack identity through cloud entitlements.

Read the original article by Daniel Shepherd on Tahawultech.