Why Today’s Cybersecurity Requires Detection, Not Prevention

By Juliette Rizkallah, CMO of SailPoint

Given the current risk climate, cybersecurity is top of mind for organizations of all sizes and industries. In fact, according to recent research, the global cybersecurity market is expected to grow significantly from 2018 to 2023, amassing a global revenue of $193.76 billion by 2023.

Data breach prevention tactics, such as anti-virus software, network perimeter security and end-user training, have become commonplace, and IT departments are bolstering their cybersecurity toolboxes at a rapid clip to avoid data loss and becoming the target of a debilitating attack. Additionally, the security perimeter continues to change as smartphones and cloud apps make it easier to share data, collaborate on projects and access anything, at anytime and anywhere – including our sensitive work files. The new security perimeter is us, and this shift and introduction of new attack vectors has naturally influenced even greater global expansion of the cybersecurity market.

However, the prevention efforts currently being used are not enough. Breaches such as those that hit Yahoo and Timehop, the worldwide WannaCry ransomware attacks, the emergence of Petya and NotPetya malware and others, continue to make news headlines each week, further proving that our world is far from secure.

Key Factors Complicating Cybersecurity Prevention

With all of the above-mentioned security systems in place, even the most basic of cybersecurity best practices such as good password hygiene, evade many organizations. In fact, a survey of 1,600 employees across Australia, France, Germany, Italy, Spain, the United Kingdom and the U.S., found that 75 percent of respondents reuse passwords across different accounts. Almost half (47 percent) duplicate passwords across work and personal accounts.

The workforce is complicating cybersecurity prevention in a number of other ways in addition to their poor password practices. IT teams short on time and resources have created friction with employees who are going rogue and violating cybersecurity procedures in place to fix IT-related issues to do their jobs. This has introduced Shadow IT, which in particular, creates endless security complications. Around one in three (31 percent) of employees say they (or one of their colleagues) have purchased and/or deployed software without IT’s help, and that’s an 11 percent increase in just the past four years. The same study also identified that if employees had reason to believe they had been hacked, 13 percent indicated they would not tell IT immediately. Forty-nine percent said their IT department would be to blame for a cyberattack if one occurred as a result of an employee being hacked. These numbers indicate a worrisome disconnect among employees when it comes to understanding the role they play when it comes to cybersecurity, and the impact of their behavior on potentially devastating data breaches on their organization.

New threat dynamics, like software bots, are also complicating organizations’ well-intentioned cybersecurity prevention efforts. A recent survey found that 70 percent of companies are already using software bots to drive business inefficiencies. However, only 5 percent are governing their access as part of their existing identity governance programs today. This presents a concerning new area of exposure for organizations. As software bots are accessing sensitive business data and applications as part of their day-to-day ‘duties,’ their credentials are high at risk for a hacker to compromise – similar to their human counterparts.

The Detection Power of Identity Governance

Considering all of these factors complicating cybersecurity prevention, the time has come for organizations to shift their thinking away from cybersecurity prevention and toward detection. Specifically, organizations need to implement a comprehensive identity governance strategy that allows them to better hunt for, identify and ultimately stop abnormal user activity before it leads to internal and external-induced data breaches.

Identity governance enables organizations to secure the digital identities of all users across all applications and data. In today’s complex, hybrid IT environment, identity is the only thing tying a user to their different devices, applications, data and activity within the organization. If IT teams can have full visibility and control over the identities in their organizations – including their access to data and applications – through a comprehensive identity governance strategy, they’re well on their way to securing their organizations.

Identity governance is the only way to address today’s increasingly complex IT environment, providing the visibility and security organizations need when dealing with:

  • More workplace users than ever before, going beyond employees to contractors, suppliers, business partners and even software bots
  • Thousands of on-premises and cloud applications
  • Mission-critical data that is increasingly being shared, stored, accessed outside of structured systems

Comprehensive User Visibility is Paramount

To realistically keep up with ever-resourceful attackers and better protect critical business assets, organizations and their IT departments need to spend less time implementing cybersecurity prevention tactics and instead address the chronic security vulnerabilities already causing significant harm. By deploying a comprehensive identity governance strategy to obtain full visibility over all users, applications and data, organizations can mitigate their risk of cyber-attacks, eliminate any compliance gaps and increase their business productivity — all while maintaining operational security and efficiency.



No posts to display