The cybersecurity landscape is changing. Breaches are on the rise. Threats, both internal and external, are more profound than ever before. To complicate matters, budgets are declining and organizations are expected to do more with less. Gone are the days of indiscriminant spending in response to a breach; cybersecurity practitioners are expected to make the most of existing investments, ideally having them work together.
“Identity is the new Perimeter,” is overused and does not capture the nuances of the modern security environment. Thinking of identity only as a perimeter defense, omits the certainty that a portion of your credentials will be breached. As a perimeter defense, identity is also the most vulnerable.
“Companies spend millions of dollars on firewalls and secure access devices, and it’s money wasted because none of these measures address the weakest link in the security chain: the people who use, administer and operate computer systems.”
– Kevin Mitnick
Identity has emerged as a critical integration layer and business differentiator as opposed to merely a perimeter defense. Technology Alliance Programs are the common source for integrations, but how can you be sure that vendors are working together to address the most important use cases? Where are the opportunities for integrating identity across your security infrastructure? Where do I start/what integrations are the low hanging fruit in the quest to be more secure?
With a comprehensive integration framework and a community of security practitioners, the Identity Defined Security Alliance (IDSA) has developed an initial set of robust integration use cases for organizations to get the maximum value from their cybersecurity investments. The IDSA is made up of vendors that provide proven products that have been integrated to solve real-world problems and end customers who provide oversight and validation.
The integration points detailed by the IDSA give organizations a jump start on determining how solutions from the members can fit into existing infrastructures, allowing the blueprints and the vendor solutions to be leveraged in both greenfield projects as well as legacy environments.
By ensuring that members provide real value to their customers as part of an integrated platform, the IDSA makes it easier for organizations to determine what gaps might exist in their existing security practice, quickly determine and evaluate the vendors that can fill them and leverage a solutions provider to implement full-featured solutions that provide the fastest time to value.
The work of the IDSA was recently used to demonstrate the ability to track and respond to risky user behavior and provide the ability to automatically respond to events that exceeded a configured risk threshold. This demonstration included products from 9 vendors, all sharing risk data.
While an integrated environment may not provide an impenetrable identity infrastructure, it provides more visibility in to the risk associated with the users in the organization, and allows for more timely reaction to compromised and misused credentials. This visibility allows for a greater overall security posture and greater value to the organization with better use of existing tools.