The brain works in funny ways. I can remember lyrics from a song I haven’t heard in decades or describe a scene from a movie I saw five years ago, but I can’t tell you what I had for breakfast last Tuesday, and I struggle to recall chemistry lessons from high school. I typically don’t retain details from work meetings without taking notes, but I can still remember my son’s funny story about birds from three weeks ago.
I am not a neuroscientist, and I don’t pretend to fully understand the mechanics of why the brain struggles to retain some types of information, while other details are easier to remember. The simple fact is that content that is narrated as a story tends to be more memorable, and we can use that to our advantage in cybersecurity.
The vast majority of cyberattacks revolve around identity in some way, so it is vital to understand and implement established best practices for identity and access management (IAM). The challenge is that IAM is not always well understood by other cybersecurity or IT professionals, so we need to find ways to make the information more engaging and memorable.
Identity and Access Management
Organizations of all sizes and across all industries are under essentially constant siege from cyberattacks. On any given day, companies must defend against phishing scams, ransomware, denial of service attacks, data theft, and a myriad of other malicious attacks. One thing that virtually all attacks have in common, though, is that they exploit identities in some way.
There are lots of tools that make up effective cybersecurity—firewalls, anti-malware, endpoint detection and response (EDR), spam filters, etc. All of them play a role, but Identity Access Management (IAM) is a crucial component that spans every element of your security posture. IAM is not a magic bullet that will protect you from all attacks in and of itself, but following IAM best practices and fundamentals will prevent most attacks and forms the foundation on which the rest of your security posture is built.
Identity-centric security can improve your security posture and reduce the risk of compromise or breach. You need to determine the security challenges you face and implement identity best practices.
Every environment is different, and context is essential for effective security—but the fundamentals remain the same, especially when it comes to securing identity. The guidance shared as part of Identity Management Day provides a solid foundation:
- Clarify Ownership of All Identities: Who is responsible for the creation, removal, maintenance, and security of a given identity?
- Establish Unique Identifiers: Unique IDs for every identity enable an accurate forensic trail.
- Authoritative Source of Trusted Identity Data: A strong root of trust is crucial because important security decisions are made based on this trust.
- Discovery of Critical and Non-Critical Assets and Identity Sources: Visibility is critical. You can’t protect identities you aren’t even aware of.
- Privilege Access Management: Threat actors access systems and resources at the level of the compromised identity, so the concept of Least Privilege Access is important.
- Automate Provisioning/De-Provisioning: Manual processes create windows of opportunity for attackers and typically do a poor job of hygiene and de-provisioning.
- Focus on Identity-Centered Security Outcomes: Combine IAM with security capabilities to enable the desired security outcomes.
- Implement Passwordless Multi-Factor Authentication: A simple and secure single-step process to log in.
- Establish Governance Processes and Program: Identity is essential for productivity and security and should be managed from a cross-functional perspective to ensure the needs of all teams are considered.
Hacking the Brain with Engaging Content
IAM is vital for effective cybersecurity, but giving someone a list of things to do is usually just overwhelming, rather than persuading them or inspiring them to action. The challenge is to trick the brain into remembering it like a song you grew up with rather than forgetting it like the email you read two hours ago. It is important to ensure the subject is conveyed in a way that is engaging and memorable.
The CISO Chronicles
Cybersecurity is crucial for business, and identity plays an essential role in that effort. Threat actors are constantly looking for ways to compromise or hijack accounts, which is why it’s important for IT teams to understand the basic principles and the value of effective IAM. The challenge is conveying this information through a character and plot that resembles our day-to-day reality.
The Identity Defined Security Alliance (IDSA) strives to address that challenge with a new fictional series, CISO Chronicles: The Gathering Storm. The protagonist in the story is faced with insurmountable challenges of a cyberattack, working with limited resources, making complex decisions, and may be perceived as a hero in the end. The first two episodes in the series are engaging, quick reads, but—more importantly—you will learn valuable concepts and principles of securing digital identities in a way that takes advantage of how the brain works to ensure you retain the information.
DISCLAIMER – This post is my own and does not necessarily reflect the views of my current and/or previous employers.