In the last few years, companies have been under tremendous pressure to ensure that remote workers, contractors and employees are accessing company resources in a secure manner. Some major factors playing a role in this are the expanding types of identities, never-ending phishing attacks, flexible office hours, and the continued growth of cloud adoption.
To help companies rise above potential threats, recent research from the Identity Defined Security Alliance, 2022 Trends in Securing Digital Identities, conducted by Dimensional Research and based on an online survey of over 500 identity and security professionals, examines how organizations are defending against identity-related attacks and the internal factors that are both enabling and interfering with this progress.
Although incredibly insightful, a big missing link in these results is cyber-physical security convergence. As we know, leaders and industry experts are no longer talking about security in silos—and when it comes to identities in particular, it’s imperative that we look holistically at both cyber and physical security. To that end, let’s dive in.
A closer look into the four trends
When the pandemic ended, organizations were presented with a slew of challenges they had to address, particularly in terms of work processes. The new hybrid work shift meant that employees were depending on digital access like never before, and office doors were opening and closing during varying hours. With increased insider risk at stake, along with the other factors mentioned earlier, it’s no surprise that 65% of executive leaders report identities as a top three security program priority. In fact, a whopping 94% of executive leaders include identity investment as part of their strategic investments. But the identity-focused security must go beyond IT and include aconverged cyber-physical approach.
Whether it’s employees or visitors, companies are giving more individuals access to their systems and data than ever before—and it shows. According to the research by Dimensional Research, 84% of companies experienced an identity-related breach in the last year; 96% reported the breach could have been prevented or minimized by implementing identity-related security outcomes; and 78% experienced direct business impacts such as recovery costs and damage to their reputation as a result of a breach. How can we prevent that? By creating a unified cyber-physical identity profile that gives you full visibility of risk across digital and physical access. We call it Identity Intelligence. It allows organizations to get ahead of risk and to put power and peace of mind where it belongs. With them.
3. Investments in security outcomes still a work in progress, focus on basics lacking
More and more organizations are putting their money where their security gaps are: 97% will be investing in identity-focused security outcomes, the same as last year. And multi-factor authentication is a key focus area, particularly for privileged users and employees. An area that isn’t a major focus but should be? Automated removal of access during offboarding and automation. Simply enough, it’s too big a risk for companies to contend with. But it’s also one that can easily be eliminated. Our Guardian software takes both the guesswork and manual work out of the equation, ensuring access is removed every time.
4. Risky behavior reduced when executives focus on identity security
Whether intentional or accidental, security breaches happen. Luckily, companies are taking matters into their own hands and seeing positive outcomes. And education is a big part of that: for one, 71% have executives who speak publicly to employees about password security. It’s no surprise that IT and security stakeholders are more careful with work passwords when executives speak about their importance. Another way to empowering your workforce? With self-service security solutions that become an integral part of the employee hire-to-retire journey. Self-service portals for access requests, pre-registration for visitors and mobile credentialing for building access all promote a positive identity and access experience.
Identity risk may be on the rise, but effective solutions to mitigate risk are reaching new heights as well. Thing is, it won’t do us any good if we’re directing our energy and resources to siloed departments. For example, what would happen if one area of your business was targeted by attackers? Since these departments aren’t operating with one congruent system in place, would they be able to single-handedly stop the attacks—and quickly enough? And how would they be able to keep the attacks from spreading throughout your organization? That’s why it’s essential to look at these systems holistically and connect the pieces between IT, OT, HR and physical security. For our in-depth POV of this topic during Cybersecurity Awareness Month—check out Gartner’s top cybersecurity trends, what’s causing the major uptick in security threats, and how the U.S. government is taking action toward cyber and physical security convergence.
Let’s chat about how we can help your organization expand your security system without having to rip and replace anything at all. Contact us to learn more!