A Better Way to Resist Identity-Based Cyber Threats

New approaches to identity access management are indispensable.

Marcus Bartram, General Partner, Telstra Ventures

November 9, 2022

5 Min Read
identity access management
Source: Aleksandr Khakimullin via Alamy Stock Photo

Take a moment to consider how frequently you authenticate your identity online: checking your email, logging in to your bank account, accessing cloud-based productivity tools, booking a flight, paying your taxes. We confirm our identities so many times every day that things like providing personally identifiable information and confirming a login attempt through our smartphones have become second nature. 

These are all reminders that identity is the foundation of cybersecurity — which is why it's also a major attack vector that can be exploited by cybercriminals. There are many tools that can prevent hackers from using the identities of their victims to infiltrate organizations and steal sensitive data, such as password managers and multifactor authentication. However, the adoption of these tools isn't as widespread as it should be — identity protection is often siloed, which means entire networks can be put at risk by single entry points. 

This is why many companies are moving toward a more comprehensive security architecture that will allow them to systematize their identity access management (IAM) protocols and defend many attack vectors at once. It has never been more critical for companies' cybersecurity platforms to be adaptive, automated, and distributed, which is why they're increasingly adopting flexible IAM systems that offer protection at every level. 

Identity Is a Significant Attack Vector

There are many reasons cybercriminals target IAM systems: these systems are often especially vulnerable because they're dependent on individual user behavior, fragmented cloud applications create many lines of attack, and a single access point often allows bad actors to break into entire networks. It's no surprise that, according to the 2022 Verizon "Data Breach Investigations Report," the use of stolen credentials is the top action variety in breaches. 

Verizon researchers outline yet another reason why cybercriminals prioritize identity: "We've long held that credentials are the favorite data type of criminal actors because they are so useful for masquerading as legitimate users on the system." When cybercriminals use credentials or other stolen forms of identity to access a network, they can operate undetected for long periods of time, which allows them to install malware, manipulate privileges, and deceive other users to steal sensitive data or gain deeper access.

This problem is all the more urgent with the proliferation of devices and cloud-based services employees use for work, as well as the continued reliance on remote and hybrid work. As employees sign in to their work accounts from home and around the world — sometimes using unsecured Wi-Fi at airports, coffee shops, and hotel lobbies — siloed IAM systems have become even more dangerous. 

Poor Cybersecurity Hygiene and the Risks of Siloed IAM

Human behavior is one of the most significant cybersecurity liabilities any company faces, and flawed IAM security architecture is one of the main reasons why. At a time when companies are simultaneously using an average of three clouds with many different apps and devices, IAM is more important than ever. But relying on individual users and disconnected security protocols dramatically increases the risk of a breach. 

Although there are plenty of digital tools that can make apps and other cloud-based services safer, many employees fail to use these tools. For example, despite the fact that password security habits are notoriously unhealthy — almost two-thirds of people reuse passwords, and 13% use the same password for every account — less than a quarter say they use a password manager. The same applies to other forms of access: a 2021 survey found that less than one-third of respondents use two-factor authentication across all applications. 

It's costly and inefficient to develop IAM protocols for the full range of devices and apps that employees use, and it isn't feasible for companies to redevelop all their legacy apps to meet emerging security requirements. This is why many companies feel like they're stuck with a status quo that leaves them susceptible to cyberattacks — they lack the robust, standardized security architecture necessary to protect their networks and systems across the board. But this perception is changing with the rapid evolution of IAM architectures. 

The Emergence of Orchestrated IAM

Many factors are coming together at the same time and forcing companies to revisit their IAM frameworks: digitization, more distributed workforces, and a profusion of cloud-based apps. These developments should cause companies to create more comprehensive, coherent, and adaptive IAM systems, but in too many cases they're having the opposite effect. Companies are scrambling to keep up with new technological developments and the shifting cyber-threat landscape, which is causing them to make even more disjointed decisions. 

A recent Gartner report emphasized these problems and argued that organizations should "evolve their identity and access management (IAM) infrastructure to be more secure, resilient, composable and distributed." Gartner explained that this evolution should involve the establishment of an "identity fabric using a standards-based connector framework across multiple computing environments, so that the organization can answer the question of who has access to what, regardless of where the resources and users are located." The answer to siloed IAM systems is the creation of an orchestrated and unified platform that will allow companies to make identity security more consistent across users and apps.

There's no sign that cybercriminals will stop using identity to penetrate secure systems and steal from companies. Although recent technological developments have increased the number of identity-based vulnerabilities for cybercriminals to exploit, companies are quickly learning how to keep their networks safe. The development of new approaches to IAM will be an indispensable part of this process.

About the Author(s)

Marcus Bartram

General Partner, Telstra Ventures

Marcus Bartram is General Partner at Telstra Ventures, a San Francisco-based VC firm that incorporates data science and quantitative analysis of non-financial data into its mix of investing criteria. The firm invests in midstage tech companies in various sectors, including cloud, cyber, crypto, carbon/climate, coders, creators, consumers, software, and digital. Marcus is on the founding team and has led investments in cybersecurity companies like CrowdStrike, Auth0, Anomali, Cequence, CloudKnox, Cofense, CyberGRX, Elastica, vArmour, and Zimperium. 

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights