enterprisesecuritymag

Why Identity Management is Important to Stop Cyber Pablo Escobar

By Ben Bulpett, EMEA Identity Platform Director, SailPoint

Ben Bulpett, EMEA Identity Platform Director, SailPoint

The notorious Pablo Escobar controlled 80 percent of the global cocaine market in the early 1990s. From these illegal dalliances, in 1989 Pablo was listed as the seventh-richest man in the world, and if he were alive today, he would be worth $20B, more than Jeff Bezos.

"The next generation of identity management will need to provide organisations with predictive modelling, adaptive security, and real-time alerting"

However, if he were actually alive, he probably would have diversified into another underbelly of not so savoury activities—cybercrime, which is worth $1.5 trillion in profits now. The chances of being successfully investigated and prosecuted for a cyber attack, unlike being on trial for drug activities, is estimated at 0.05 percent and the money earned from cybercrime can be easily laundered and are typically untraceable.

When thinking about cybercrime, as organisations embark on their digital transformation journey, the concept of identity governance—for all users, all applications, and all data—has never been more important to both support and protect any transformation from cyber attacks. They need to stop the ‘Pablo Esocbars’ of the world from infiltrating their applications, data, and systems.

According to the World Economic Forum’s Global Risk Report, the majority of respondents expect the risk of cyber attacks that leads to theft of money and data to increase in 2019. Eighty percent of participants believe this would disrupt business operations. The report provided further evidence that cyber attacks pose risks to critical infrastructure, prompting countries to strengthen their screening of cross-border partnerships on national security grounds.

As we continue to witness the collapse of the firewall, the use of mobile, and the rise of access any time and any place— security strategies need to align for securing allied entities in the business, as they are becoming the new enterprise security perimeter. So, having an identity governance platform that governs all users, all data, and all applications has never been more critical for organisations.

In today’s economy, though it’s getting harder to manage all data and who has access to that data, especially as the growth of data being generated will exceed 463 Billion Gigabytes per day by 2025. In a recent SailPoint Identity Study, 48 percent of companies have limited or no visibility into who is accessing their data. Organisations that integrate the latest in machine learning and smart technologies into their businesses are regarded as cutting-edge and primed for growth but haven’t factored in how they will manage these new identities. For example, tech-first companies like Amazon and Netflix are excelling using their base of advanced learning algorithms to bolster their e-commerce or content production. Indeed, organisations in a wide variety of industries are now pivoting towards a tech-led strategy, meaning that automated processes and interactions with AI will become a hallmark of the modern workplace.

With the introduction of bots and machine learning to the mix, it signals a new frontier in identity governance. And SailPoint is up to the challenge. Enterprises have historically focused their identity programs on three primary users; employees, contractors, and partners. In the new business world, non-human users have introduced a new identity type, posing an emerging challenge for modern enterprises to tackle. Managing these new identities is an essential new frontier in identity governance that enterprises cannot afford to leave out of their identity and security strategies today and in the future.

As part of the next-generation identity governance, the platform needs to provide companies with risk-based alerting capabilities to help detect suspicious activities and stay informed of violations in real time. It will need to provide machine learning, analysis, and information to help companies build in automation and make informed decisions about how best to protect their sensitive data files and applications.

The platform will need an automated, integrated alert management framework so that rules can be easily configured based on a single or threshold of multiple activities, or access to specific resources. The next-generation of identity management will need to provide organisations with predictive modelling, adaptive security, and real-time alerting.

Taking a comprehensive approach to identity governance enables organisations to leverage insight and awareness across their applications and files to proactively reduce security risks, as well as serve as an enabler for Cloud adoption.

SailPoint’s vision is to make identity the single source of truth for organisations today and the future, ensuring they have visibility and control over all of these crucial factors. Identity has never been so strategically important. It has become a board-level priority today. As the importance of identity increases in organisations, SailPoint’s approach will remain the same.

We are here to continually drive innovation in identity so you, our customers, can efficiently and securely manage your digital identities and embrace digital transformation with confidence—stopping Pablo Escobar cybercriminals in their tracks.

Check out: Top Identity and Access Management Consulting Companies in Europe

Read Also

Not Your Father's Identity and Access Management

Not Your Father's Identity and Access Management

Martin Ingram, Product Owner, Identity and Access management, Royal Bank of Scotland (RBS)
Balance between Opposite Forces / The Pursue for Trust

Balance between Opposite Forces / The Pursue for Trust

Paulo Moniz, Director - Information Security and IT Risk, EDP
Beyond the Traditional User Accounts Management

Beyond the Traditional User Accounts Management

Arun Raghavendra, Head of IAM Technology, Visa
Creating a Digital ID Ecosystem

Creating a Digital ID Ecosystem

Hugo Rousseau, Programme Manager, Financial Services & Payments, techUK

Weekly Brief