Although many Identity and Access Management (IAM) solutions are accessible to organizations, 84% of respondents had experienced an identity-related breach according to the Delinea Global IT Security Decision Makers’ Survey.

In this episode of TFiR Let’s Talk, Swapnil Bhartiya sits down with Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea, to discuss the security landscape for enterprises and some of the key challenges organizations are facing. He goes on to talk about moving towards context-based security and the need for security to work in the background. He shares his insights into the steps organizations can take to improve their security posture for identity and access management.

Key highlights of this video interview are:

• Security is becoming a bigger priority for organizations around the world with boards starting to understand more about cybersecurity and the potential threats to their businesses. However, Carson feels that the executive team is still not always following through and making the necessary changes in cybersecurity.
• Carson explains that Delinea’s research aimed to better understand organizations’ user privileges and what security controls are in place to protect the organizations as well as the board’s understanding.
• Attackers’ techniques are getting far more difficult to tell between authentic authorization requests and malicious ones teamed with social engineering. Carson explains that they are seeing cyberattackers specialize in certain areas, which is challenging for organizations to protect themselves from. He discusses how organizations need to find a balance between security and productivity.
• Carson feels that we should not be forcing security on employees but rather make security work for them and help them make the right decision. He explains how organizations should be focusing more on having security controls in the background, giving the example of password management. He discusses the need to move towards context-based security that complements easy-to-use experiences.
• Key findings in the survey are that 84% of the respondents had experienced an identity-related breach. Carson explains that he was surprised also at the lack of breadth to the privilege security controls in place. He discusses why he feels organizations need to start performing risk-based assessments to understand which accounts need protecting the most.
• Although there are many IAM solutions available, identity-related breaches continue to rise. Carson explains the key factors that contribute to this increase in identity breaches saying that identities are often treated individually with different security controls leading to organizations losing sight of security controls and consistency problems.
• Carson shares his insights into how organizations can improve their security posture, stressing the need for organizations to gain a good understanding of their privileges and organization. He goes into detail about the PAM matrix and how it can help organizations with their auditability and understanding their current maturity in IAM.
• The security landscape is changing with identities becoming the perimeter and access becoming the security of an organization, according to Carson. He explains the evolution from Bring Your Own Device (BYOD) to Bring Your Own Office and how this is changing the security needs for organizations.

Connect with Joseph Carson (LinkedIn, Twitter)
Learn more about Delinea (Twitter)

The summary of the show is written by Emily Nicholls.