Artificial Intelligence & Machine Learning , Events , Identity & Access Management

Why the Future of Security Is Identity

Experts Discuss Why Protecting Identities Requires Tailored Controls
Sunil Patel, managing director, IAM, Accenture Security; Matt Girdharry, leader for observability and security partnerships, AWS; and Brandon Traffanstedt, field CTO, CyberArk

The proliferation of identities, combined with cloud migration and the growing sophistication of attacks, has created the perfect storm for security teams who are facing a surge in identity-based cyberattacks. But as the number of identities grows, "you can do more with less," experts advise.

Protecting identities - developers, workforce, third parties and IT admins - requires tailored controls, and not all accounts need constant access. "If you don't use (the accounts) periodically, create it just in time when you need it and get rid of it and eliminate the threat," said Sunil Patel, managing director IAM at Accenture.

Rapid digitalization also means an increase in machine identities. "The identities we're securing, around 60% of them are people," said Matt Girdharry, leader for observability and security partnerships at AWS. "We have to make sure that we approach the human element, but also that we don't forget about the machine identities."

But managing identities is a game of prioritization and focus. Brandon Traffanstedt, field CTO for CyberArk referred to this a challenge that organizations will have to tackle.

"We tend to take all of these new identities and all of these new environments, and we begin to try and secure them in the same way. And we may not distinguish between what is a higher priority versus a lower priority," he said. "We have to recognize that not all of them are created equally, so some we may deprioritize … we have to make sure we're not just mixing all the identities together in all of the different environments."

In this video interview with Information Security Media Group at RSA Conference 2024, Patel, Girdharry and Traffanstedt also discussed:

  • How attackers have changed their tactics - logging in, rather than hacking in;
  • How enterprises are using generative AI in their identity security programs;
  • The rise in the types of identities and the need for every identity to access data across disparate resources.

Traffanstedt has more than 15 years of experience in the combined spaces of information security, development and systems engineering and has architected security solutions for some of CyberArk's largest global customers.

Patel has extensive experience guiding organizations through all aspects of their IAM journey, including planning, estimation, project management, implementation, and operations.

Girdharry works closely with customers and partners to help them accelerate their observability and security journeys using AWS, focusing on how partner strengths can supplement AWS services and industry solutions, while providing greater automation through AI.


About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.