Intelligent CISO Issue 47 | Page 49

This shift to remote and hybrid working has reinforced the idea that identity is central in a strong cybersecurity strategy .
Craig Ramsay , Senior Solution Consultant , Omada

E

Employers and their workers have adapted to remote and hybrid work and these changes are likely here to stay . Cloud migration has been a major factor in this transition , with some companies merely accelerating their Digital Transformation timelines and others quickly creating digital strategies ad hoc .
Now that the world has had almost two years to adapt , organisations have been able to see what does and doesn ’ t work for both them and their identities . Continuous revaluation of remote and hybrid working strategies are key to maximising productivity and , just as importantly , ensuring it is done securely .
As identities continue to access more and more resources remotely , organisations are faced with increasingly complex security considerations . In fact , attackers pivoted from targeting corporate networks to home networks early in the pandemic because they knew the latter are typically much less secure , as organisations rushed to keep productivity high , security was an afterthought in some cases . In addition , the attack surface proliferated wildly with thousands of new endpoints to potentially exploit as a beachhead into the corporate network .
Thus , this shift to remote and hybrid working has reinforced the idea that identity is central in a strong cybersecurity strategy . The traditional IT security perimeter no longer exists , with many applications and services now hosted in the cloud being accessed by a variety of identities in the office , at home , on the road , or a combination of all of these .
To make sure all identities , including third parties and technical identities , have appropriate and secure access to these new cloud-based and legacy on-premise applications , organisations need to transform the way they deploy and manage their identity governance and identity management initiatives . Combine this with the emergence of Zero Trust and it really has confirmed identity as the ultimate control plane .
FEATURE
With that in mind , let ’ s explore what 2022 will bring in relation to the management of identities and their associated risk .
Ongoing cloud adoption
2022 will see ongoing adoption of SaaS solutions and cloud services . In a survey by Enterprise Strategy Group , respondents reported that 52 % of business-critical apps are now cloud-based rather than on-premise – and that number is only growing . Organisations are now able to switch vendors and to scale up services they have been using more easily than ever before . This subsequently increases the threat surface within organisations when it comes to managing identity related risk .
This shift to remote and hybrid working has reinforced the idea that identity is central in a strong cybersecurity strategy .
Consequently , organisations need to securely scale with demand and manage their identities across an evergrowing number of applications and services . To meet this need , identity governance solutions must be able to provide a cloud-native foundation of versatile configurability .
Greater autonomy in IAM
The year will also bring increased autonomy in identity governance processes . At present , these processes still involve a combination of manual and semi-autonomous activities , meaning that there can be considerable overhead for administrators and end-users . This manual effort combined with the continued shortage of IT and security professionals is not sustainable . www . intelligentciso . com
49