The proliferation of identities, combined with cloud migration and the growing sophistication of attacks, has created the perfect storm for security teams who are facing a surge in identity-based cyberattacks. But as the number of identities grows, "you can do more with less," experts advise.
Protecting identities - developers, workforce, third parties and IT admins - requires tailored controls, and not all accounts need constant access. "If you don't use (the accounts) periodically, create it just in time when you need it and get rid of it and eliminate the threat," said Sunil Patel, managing director IAM at Accenture.
Rapid digitalization also means an increase in machine identities. "The identities we're securing, around 60% of them are people," said Matt Girdharry, leader for observability and security partnerships at AWS. "We have to make sure that we approach the human element, but also that we don't forget about the machine identities."
But managing identities is a game of prioritization and focus. Brandon Traffanstedt, field CTO for CyberArk coined a term for this: a "Skittle-sorting conundrum."
"We tend to take all of these new identities and all of these new environments, and we begin to try and secure them in the same way. And we may not distinguish between a green Skittle or a purple Skittle," he said. "We have to recognize that not all of them are created equally, so some we may deprioritize … we have to make sure we're not just mixing all the candy up and eating it together."
In this video interview with Information Security Media Group at RSA Conference 2024, Patel, Girdharry and Traffenstedt also discussed:
How attackers have changed their tactics - logging in, rather than hacking in;
How enterprises are using generative AI in their identity security programs;
The rise in the types of identities and the need for every identity to access data across disparate resources.