Security News > 2023 > September > Companies need to rethink how they implement identity security
Furthering the challenges for CISOs is a continual misalignment between security and identity teams.
Visibility into the identity attack surface continues to be insufficient, leaving organizations exposed to bad actors who can access their environments, move laterally inside their networks, and wreak havoc in minutes.
Protecting the identity attack surface - which extends far beyond traditional identity access management tools - is the last line of defense in detecting and preventing such threats in real-time.
Only one in five organizations are highly confident that they could prevent identity threats.
"Today's organizations are challenged with securing many different 'silos' of digital identity across complex hybrid and multi-cloud environments. Each of these environments has different identity security controls, which don't work together and result in partial security, inconsistent user experience, and redundant costs," said Hed Kovetz, CEO of Silverfort.
Some of the most critical systems in every company don't have identity security available at all, and bad actors know it. This new research emphasizes that organizations need to rethink how they implement identity security, and develop a strategy that covers the entire identity attack surface - including human and non-human identities, privileged and non-privileged users, on-prem and cloud environments, IT and OT infrastructure, and many other areas that they didn't previously manage to protect," concluded Kovetz.
News URL
https://www.helpnetsecurity.com/2023/09/12/identity-attack-surface-visibility/