Page 123 - Cyber Defense eMagazine October 2023
Access Controls Essential to Threat Defense
Gartner describes IAM as “a security and business discipline that includes multiple technologies and
business processes to help the right people or machines to access the right assets at the right time for
the right reasons, while keeping unauthorized access and fraud at bay.” That means it’s critical to have
processes in place to manage your users’ identities, strongly authenticate those users for access, and
enforce the principle of least privilege to resources across the delivery landscape. Using a secure Linux
OS, separating critical data and applications from a device, and storing sensitive data in the cloud are
essential to threat defense. Centralization provides better access to threat defense and response tools
and allows for protection at scale. In concert, enterprises need to execute IAM access controls that
provide real-time monitoring and anomaly detection to prevent unauthorized users from gaining control over
data or applications.
At the endpoint, the gating factor for secure access is validating the user identity. Regardless of device
or location, an employee must be able to easily and securely obtain the applications they need. Their
access depends on their roles and responsibilities and must be updated should they change roles or
leave the company. In this hybrid model, it is also critical to implement modern multi-factor authentication
(MFA) and single sign-on technology integrations that enhance security, mitigate the majority of phishing
attacks, and enable ease of use for the end user while enhancing the overall security posture.
Reducing Risk is a One-on-One Mandate
From the endpoint perspective, a secure OS, moving applications to the cloud, and stringent access
controls combined with adaptive MFA are the strongest defense against ransomware and malware. Even
with all of the proper controls in place, people remain the weakest link in even the best cybersecurity
structure. Thales respondents still cite the #1 root cause of a cloud data breach as human error.
Workforce training and security awareness programs are critical to reducing human error. The Center for
Internet Security’s critical security controls include one on security awareness and skills training. “It is
easier for an attacker to entice a user to click a link or open an email attachment to install malware in
order to get into an enterprise, than to find a network exploit to do it directly,” CIS says. Beyond phishing,
enterprises need to train employees in password hygiene, remove the use of passwords where possible,
and reiterate the risks of sharing sensitive data outside the network with those who do not have privileged
access.
More Security Work Ahead
Enterprises are making strides in security practices like removing passwords, enforcing MFA, and
implementing full-stack IAM solutions, but the work is not over, as cybercriminals in 2023 are becoming
more active and successfully conducting attacks. They include LockBit, AlphaVM (BlackCat), and Black
Basta, according to a Black Kite Ransomware Threat Report.
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.