4 trends in securing identities (and the missing link)

In the last few years, companies have been under tremendous pressure to ensure that remote workers, contractors and employees are accessing company resources in a secure manner. Some major factors playing a role in this are the expanding types of identities, never-ending phishing attacks, flexible office hours, and the continued growth of cloud adoption.

To help companies rise above potential threats, recent research from the Identity Defined Security Alliance, 2022 Trends in Securing Digital Identities, conducted by Dimensional Research and based on an online survey of over 500 identity and security professionals, examines how organizations are defending against identity-related attacks and the internal factors that are both enabling and interfering with this progress.

Although incredibly insightful, a big missing link in these results is cyber-physical security convergence. As we know, leaders and industry experts are no longer talking about security in silos—and when it comes to identities in particular, it’s imperative that we look holistically at both cyber and physical security. To that end, let’s dive in.

A closer look into the four trends

1.     Identity growth continues, making identity a top security priority

When the pandemic ended, organizations were presented with a slew of challenges they had to address, particularly in terms of work processes. The new hybrid work shift meant that employees were depending on digital access like never before, and office doors were opening and closing during varying hours. With increased insider risk at stake, along with the other factors mentioned earlier, it’s no surprise that 65% of executive leaders report identities as a top three security program priority. In fact, a whopping 94% of executive leaders include identity investment as part of their strategic investments. But the identity-focused security must go beyond IT and include aconverged cyber-physical approach.

2.     Identity-related attacks are rising and impactful, but preventable

Whether it’s employees or visitors, companies are giving more individuals access to their systems and data than ever beforeand it shows. According to the research by Dimensional Research, 84% of companies experienced an identity-related breach in the last year; 96% reported the breach could have been prevented or minimized by implementing identity-related security outcomes; and 78% experienced direct business impacts such as recovery costs and damage to their reputation as a result of a breach. How can we prevent that? By creating a unified cyber-physical identity profile that gives you full visibility of risk across digital and physical access. We call it Identity Intelligence. It allows organizations to get ahead of risk and to put power and peace of mind where it belongs. With them.

3.     Investments in security outcomes still a work in progress, focus on basics lacking

More and more organizations are putting their money where their security gaps are: 97% will be investing in identity-focused security outcomes, the same as last year. And multi-factor authentication is a key focus area, particularly for privileged users and employees. An area that isn’t a major focus but should be? Automated removal of access during offboarding and automation. Simply enough, it’s too big a risk for companies to contend with. But it’s also one that can easily be eliminated. Our Guardian software takes both the guesswork and manual work out of the equation, ensuring access is removed every time.

4.     Risky behavior reduced when executives focus on identity security

Whether intentional or accidental, security breaches happen. Luckily, companies are taking matters into their own hands and seeing positive outcomes. And education is a big part of that: for one, 71% have executives who speak publicly to employees about password security. It’s no surprise that IT and security stakeholders are more careful with work passwords when executives speak about their importance. Another way to empowering your workforce? With self-service security solutions that become an integral part of the employee hire-to-retire journey. Self-service portals for access requests, pre-registration for visitors and mobile credentialing for building access all promote a positive identity and access experience.

Identity risk may be on the rise, but effective solutions to mitigate risk are reaching new heights as well. Thing is, it won’t do us any good if we’re directing our energy and resources to siloed departments. For example, what would happen if one area of your business was targeted by attackers? Since these departments aren’t operating with one congruent system in place, would they be able to single-handedly stop the attacksand quickly enough? And how would they be able to keep the attacks from spreading throughout your organization? That’s why it’s essential to look at these systems holistically and connect the pieces between IT, OT, HR and physical security. For our in-depth POV of this topic during Cybersecurity Awareness Month—check out Gartner’s top cybersecurity trends, what’s causing the major uptick in security threats, and how the U.S. government is taking action toward cyber and physical security convergence.

Let’s chat about how we can help your organization expand your security system without having to rip and replace anything at all. Contact us to learn more!

Let's chat.

David Cassady

Chief Strategy Officer

David Cassady has been selling and leading teams in Silicon Valley for more than 30 years. During that time, he’s led a mix of established software players and startups. Cassady has also been involved with five IPOs — and at least as many acquisitions. 

As Chief Strategy Officer, David leverages his extensive experience helping software businesses drive growth through deep and impactful partnerships with the world’s most successful SaaS providers like ServiceNow, Microsoft and SAP. 

Mark Weatherford

Chief Security Officer
Senior Vice President, Regulated Industries

Mark Weatherford brings years of high-level cyber-physical expertise to AlertEnterprise, and as Chief Security Officer (CSO), he guides the strategy of data management and protection by advising cyber-physical security policies and procedures within the company. Weatherford also works in liaison with businesses and executive professionals in the cyber and physical security industries to further accelerate security convergence adoption.

Mark has held numerous high-level cyber-centric positions, including Vice President and Chief Security Officer at the North American Electric Reliability Corporation (NERC), the Department of Homeland Security’s first Deputy Under Secretary for Cybersecurity under the Obama administration, California’s first Chief Security Officer, and the first CISO for the state of Colorado.

Harsh Chauhan

Chief Technology Officer

As Chief Technology Officer (CTO) of AlertEnterprise, Harsh Chauhan is responsible for the company’s engineering technology innovation and solution delivery. A 20-year technology veteran and leader, Chauhan is focused on the growth of the company’s 3D Governance Risk Compliance (GRC) hyperscale cloud platform.

He also continues to develop integrated solutions with leading technology partners like SAP, SAP NS2, and ServiceNow. Before AlertEnterprise, Mr. Chauhan held multiple CTO positions, as well as Product Owner and Head of Development at SAP GRC 10.0, delivering targeted solutions to high-profile SAP clients.

Ruby Deol

Chief Operations Officer

Ruby Deol oversees all business units at AlertEnterprise. With more than 20 years of experience in global sales and support services, Deol nurtures existing client relationships with a customer-first approach. As AlertEnterprise continues to grow in industry recognition and stature, Deol is charged with developing and implementing methods to meet organization goals and facilitate the company’s ongoing transformation.

Kaval Kaur

CFO and Co-Founder

As Chief Financial Officer (CFO) and Co-Founder of AlertEnterprise, Kaval Kaur leads all finance and administrative back-office operations. Kaur is a member of the national professional organization American Institute of Certified Public Accountants (AICPA) and the California State CPA Society.

Prior to joining AlertEnterprise, she was the CFO and Co-Founder of Virsa Systems, a position she held until its acquisition by SAP.

Kaur is a philanthropist at heart, embracing the diversity of the San Francisco Bay area by assisting with and promoting special cultural events. She recently sponsored 2,000 public schools in rural India to advance computer literacy skills for children and is a foster mother to a 10 year old.

Jasvir Gill

Founder and CEO

Leading the charge of digital transformation and security convergence is Jasvir Gill, Founder and CEO of AlertEnterprise, Inc. An accomplished engineer by trade, Gill is driving the long-overdue digital transformation of the physical security industry.

Prior to launching AlertEnterprise, Gill was the founder and CEO of Virsa Systems, where he grew the company into a global leader of application security software. An early pioneer in establishing governance, risk and compliance as a software market segment, he drove exponential growth at Virsa, facilitating its acquisition by SAP in 2006.

In his free time, Jasvir helps drive social and economic empowerment in the community. He’s also a trustee at the American India Foundation.