#GartnerIAM: Analytics in IAM Enable Security
A lot of negativity in security can be compounded with the positivity of the future of IAM and analytics.
Speaking at the Gartner IAM conference in London, Jason Keenaghan, program director of the IBM Security Offering Management at IBM said that a lot of security focus is on external attacks, the security operations center, endpoint and the attacks from within. “This is a focus for privileged access also, and what do with it,” he explained.
“There are two key things you need to do to protect: step one is to know who the users are, and how to get a level of assurance so you know who they are claiming to be. Step two is once you have identified who the user is and who has a digital identity, you cannot just be satisfied to know what they are going after.”
Pointing at the 2016 Verizon Data Breach Investigations Report, which found that 63% of incidents are ‘still down to username/passwords’ as organizations want to lock down security and don’t want crown jewels, Keenaghan argued that password-based authentication is at odds with usability, and whether employees or contractors want good security or user experience.
“It is easier said than done, especially as with the way we have looked at security,” he said. “We want to select proper authentication methods based on associated risk, such as what device they are coming from, what access rights the person has, what location they are coming from and what behavior they have had in the past. You need to take that all into account with an authentication strategy.”
Keenaghan pointed at a 2015 IBM XForce Report which revealed that 61% of organizations do not monitor privileged access users. Joining him on stage was Angelika Steinacker, who leads IBM's Identity & Access Management Competency in Europe, and Sridhar Muppidi, chief technology officer for Identity & Access Management Solutions for IBN Security Systems. Steinacker praised comments made in the opening keynote about analytics in IAM, and identity management and governance. In particular, she said that identity management has to be a business driven topic, and on fulfilling regulations, that is where IAM fits into regulations.
Muppidi pointed at the recent launch of IBM Watson, saying that cognitive decisions mean that machine learning can be a part of IAM, spotting attacks that SOCs and analysts overlook, and are “able to make risk-based authentication and entitlements, able to influence for multi-factor authentication and be more and more cognitive”.
Source: Information Security Magazine