Industry Insights with CISCO

Time to Rethink Identity: What Security Leaders Need to Know

Why Focus on Identity Security Now?
Time to Rethink Identity: What Security Leaders Need to Know

As organizations grapple with the rising number of increasingly sophisticated cyberattacks, they are finding that they need to put more focus on identity security as the front line in their battle to protect against cyberthreats. According to Cisco's Cybersecurity Readiness Index, in the last year, over half - 54% - of organizations experienced a cybersecurity incident, yet only 3% are prepared for one.

See Also: How to Take the Complexity Out of Cybersecurity

Additional statistics only underscore the urgency of the situation. For example, according to Cisco's 2024 Duo Trusted Access Report , 86% of breaches involved compromised user identities.

And more than 8 in 10 - 84% - of identity security respondents in the 2024 Trends in Securing Digital Identities survey reported citing incidents that directly affected their business, up from 68% in 2023. This survey conducted by the Identity Defined Security Alliance, an independent, non-profit identity security association, includes insights to help reduce identity security risks.

It's easy to understand the risks involved in one recent U.S. national banking institution data breach, where a third-party attack exposed customer information, highlighting key vulnerabilities in interconnected service ecosystems.

Similarly, government operations of Canada's British Columbia province were attacked in a sophisticated cyber incident that compromised sensitive information, illustrating the pressing need for robust identity protection measures.

These incidents represent a broader trend in which identity has become a primary target for threat actors.

Security Overload: Rising Complexity, Countless Tools

Many organizations struggle with a multitude of security tools, each designed to tackle specific threats. According to Panaseer's 2022 Security Leaders Peer Report, enterprises have an average of 76 tools in place to manage security. The complexity involved in managing so many tools makes it challenging to ensure comprehensive protection. Tom Gillis, senior vice president and general manager of Cisco Security, emphasized the need to simplify security. "CISOs need to embrace a platform approach, integrating various tools into a unified system to reduce complexity and enhance security effectiveness," Gillis said.

Jeetu Patel, Cisco's executive vice president and general manager of security and collaboration, advocates for the use of a zero trust framework. "Continuous verification and AI-driven solutions are essential to simplify security management and address the sophisticated nature of modern threats," he said.

Complexity is evident in incidents such as the supply chain attack on one global data analytics firm, in which a breach at a single software provider cascaded across multiple organizations' networks, exposing them all to significant risks. This highlights the necessity for a more integrated and simplified approach to security management that reduces dependency on disparate tools and enhances overall effectiveness.

Identity: Your Most Crucial Perimeter

With the dissolution of traditional perimeters, identity has become the core of network security. This shift leads to a more holistic approach to managing user, device and process identities. Gillis outlined a three-layer model for identity security that encompasses user identity, device identity and process identity, ensuring a comprehensive understanding of security contexts. "Identity must be the first line of defense. Understanding who is accessing the network, from what device, and what they are doing is critical," he said.

Patel highlighted the role of AI and machine learning in this evolutionary shift. "AI and machine learning are crucial for continuously adapting and verifying identities, providing robust protection in dynamic environments," he said.

AI presents a double-edged sword by empowering both hackers and defenders. In many ways, AI ups the urgency for security providers and their customers to take action. For instance, AI can analyze patterns of behavior and detect anomalies that may indicate a compromised identity, providing a proactive layer of security that traditional methods may lack.

Examples of this type of new approach include the use of biometric authentication in high-security environments. Financial institutions and government agencies are increasingly adopting facial recognition and fingerprint scanning to ensure that access is granted only to verified individuals.

These technologies, combined with continuous behavioral monitoring, create a multifaceted defense against identity breaches.

Overcoming Multifactor Authentication Fatigue

Although multifactor authentication is very important, users often experience fatigue from repeated prompts. This can lead to reduced security compliance and increased vulnerability. Cisco's Duo Passport aims to address this issue by minimizing authentication disruptions while maintaining high security. Patel and Gillis both emphasized the importance of using AI to ensure a frictionless authentication experience. "AI-driven authentication can significantly reduce user fatigue and enhance overall security," Patel said.

Many retailers and financial institutions are finding it important to improve each user's experience without compromising security. By leveraging AI, organizations can streamline authentication processes, making them less intrusive and more efficient.

A notable case involves a major healthcare provider that implemented AI-driven authentication across its network. The result was a 30% reduction in login-related support tickets and a significant improvement in user satisfaction, demonstrating how security and user experience can go hand-in-hand.

Reducing Identity Sprawl

Identity sprawl, where organizations manage multiple identity directories, often leads to fragmented identity management. This fragmentation increases the risk of security breaches as inconsistent policies and oversight create gaps in protection. Gillis underscored the need for a unified view and better analytics to provide a coherent view across disparate identity platforms. "By consolidating identity management and leveraging advanced analytics, organizations can enhance security and streamline operations," he said

A case in point is the healthcare sector, where multiple identity systems can exist within a single organization due to mergers and acquisitions. This often results in security gaps that attackers can exploit. By integrating identity management systems, organizations can ensure consistent policies are met and reduce vulnerabilities.

Meanwhile, the financial industry has seen similar challenges. Banks often merge with other institutions, inheriting diverse identity systems that need to be integrated. A large international bank recently streamlined its identity management, reducing administrative overhead by 25% and significantly improving its security posture.

Conquering Identity Security Threats

Identities are a prime cyberattack target, making effective identity security essential. Gillis described how Cisco's Identity Intelligence analyzes user behavior to detect anomalies and prevent unauthorized access. "Leveraging AI to enhance security, Identity Intelligence helps organizations move from reactive to proactive threat management," Gillis said.

Patel said that Cisco Hypershield offers advanced protection by continuously assessing and responding to identity risks. "Proactive measures via the use of Hypershield ensure that end users only access what they should, significantly reducing the risk of breaches," Patel said.

In the financial sector, identity threats are particularly prevalent. Attackers often target financial institutions to gain access to sensitive customer data. By implementing solutions such as Identity Intelligence and Hypershield, these institutions can detect and mitigate threats before they result in significant breaches.

In the retail sector, organizations face frequent credential stuffing attacks aimed at compromising customer accounts. By leveraging behavior analytics and proactive security measures, retailers can detect and prevent such attacks, protecting millions of customer accounts from potential compromise.

RSA Conference 2024 Revelations and Advances Cisco Shared

At RSA Conference 2024, Cisco unveiled several groundbreaking innovations.

Cisco Hypershield, an AI-driven security solution for AI-scale data centers, enables autonomous segmentation, distributed exploit protection and self-upgrading capabilities.

Separately, the integration of Cisco and Splunk aims to create a comprehensive SOC platform, enhancing threat detection and response capabilities with AI-driven insights and automated workflows.

And advances in Cisco Duo, including Identity Intelligence and Duo Passport, enhance continuous identity security and reduce authentication fatigue for users.

These announcements highlight Cisco's commitment to addressing evolving security challenges. By integrating advanced AI and machine learning technologies, Cisco aims to provide solutions that not only respond to current threats but also anticipate future challenges.

For example, the integration of Cisco and Splunk offers a more holistic view of security events, enabling faster and more accurate threat detection. This is particularly important in industries such as healthcare, where the speed and accuracy of threat detection can have a direct impact on patient safety.

Rethinking Identity Security

As cyberthreats evolve, so must the approach to identity security. By examining recent breaches and insights from cybersecurity leaders Gillis and Patel, it becomes clear that identity security is no longer a luxury but a necessity.

There is a clear need for an integrated approach to identity security that is simple, cloud-native and scalable. To stay in front of malicious and ever-evolving threat actors, organizations can't waste time managing multiple fragmented tools. Streamlining identity management allows for better policy enforcement, easier compliance and faster incident response, significantly enhancing the overall security posture of an organization. When security operations are unified and streamlined, they reduce administrative overhead, free up resources and enable security teams to focus on proactive threat mitigation rather than reactive problem-solving.

As a primary target for attackers, identity must be at the forefront of any security strategy, using technological advances and methods that help ensure more comprehensive protection. Leveraging integrated platforms and AI-driven solutions can help organizations enhance their security postures, simplify cybersecurity tools used and proactively stay ahead of emerging threats.

CISOs who embrace modern approaches to identity security will be able to better protect their organizations. Cisco stands ready to help with the tools and road map needed to reduce complexity and embrace modern identity security. By adopting integrated, AI-driven platforms, organizations can better protect themselves against evolving threats and ensure robust security. Cisco's comprehensive solutions provide the necessary framework and tools to lead this transformation. Learn how you can deliver smarter, stronger security for your organization: https://www.cisco.com/site/us/en/products/security/index.html



About the Author




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.