Page 27 - Cyber Defense eMagazine RSAC Special Edition 2025

is knowing exactly what access an identity should have—and enforcing that across every application in the enterprise. Manually managing this at scale is impossible, which is why AI-powered solutions are becoming essential. AI can analyze patterns, detect excessive permissions, and automate least privilege enforcement, reducing the attack surface. Without AI, organizations sometimes guessed—and in cybersecurity, guessing can result in something being missed.

With the increasing sophistication of insider threats, what measures should organizations take to balance security with user experience while managing internal access controls?

Insider threats are tough—because these users already have access. Lock things down too much, and productivity grinds to a halt. Leave things too open, and you're inviting risk. The key is making sure the business understands why users have the access they do. That starts with clear entitlement and role descriptions—so there's no guesswork about who needs what. Organizations also need to prevent access creep—employees shouldn't accumulate permissions as they change roles. And with privileged accounts, bots, and AI agents expanding the attack surface, it's critical to map out effective access across identities, not just humans.

What are the key metrics or indicators you recommend for measuring the effectiveness of an identity security program?

Measuring identity security isn't just about counting how many accounts you've locked down—it's about understanding who has access to what and whether that access makes sense. Some key metrics to track:

• Percentage of users with least privileged access: Are employees only getting the access they actually need?
• Access creep rate: How often do users retain old permissions when they change roles?
• Time to revoke access: How quickly are accounts deprovisioned when someone leaves or changes jobs?
• Privileged access visibility: Do you know the owner, purpose, and access of every privileged account, including bots and AI agents?
• Orphaned accounts: How many unused accounts are floating around, waiting to be exploited?
• Percentage of applications under identity management: How many apps are actually covered by identity security controls? If you're only managing a fraction, the rest are blind spots.

If you're not tracking these, you're not measuring identity security—you're just hoping for the best.
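As an added illustration (not part of the interview or any product's code), the script below computes five of the metrics listed above over a small, constructed set of accounts: a role-to-entitlement baseline, a few hypothetical users, a privileged bot, and one leaver. The role baselines, user names, dates and the 90-day staleness window are all assumptions chosen for the example.

```python
from datetime import date
from statistics import median

# Constructed sample data (hypothetical users, roles and apps; nothing here is from the article).
TODAY = date(2025, 4, 30)
ROLE_BASELINE = {"engineer": {"git", "ci"}, "finance": {"erp", "payroll"}, "bot": {"erp"}}

def acct(user, role, prior, ents, priv=False, owner=None, purpose=None,
         last_login=TODAY, left=None, disabled=None):
    return dict(user=user, role=role, prior=prior, ents=set(ents), priv=priv, owner=owner,
                purpose=purpose, last_login=last_login, left=left, disabled=disabled)

ACCOUNTS = [
    acct("alice", "engineer", ["finance"], {"git", "ci"}, owner="alice", purpose="staff"),
    # bob moved from engineering to finance but kept "git": access creep
    acct("bob", "finance", ["engineer"], {"erp", "payroll", "git"}, owner="bob", purpose="staff"),
    # carol is privileged with no documented owner/purpose and has not signed in for months
    acct("carol", "engineer", [], {"git", "ci", "erp"}, priv=True, last_login=date(2024, 12, 1)),
    acct("svc-deploy", "bot", [], {"erp"}, priv=True, owner="platform-team", purpose="nightly deploy"),
    acct("dave", "finance", [], {"erp", "payroll"}, owner="dave", purpose="staff",
         last_login=date(2025, 3, 1), left=date(2025, 3, 3), disabled=date(2025, 3, 10)),
]

def pct(part, whole):
    return round(100.0 * part / whole, 1) if whole else 0.0

def least_privilege_pct(accounts):
    """Share of accounts holding nothing beyond their current role's baseline."""
    return pct(sum(a["ents"] <= ROLE_BASELINE[a["role"]] for a in accounts), len(accounts))

def access_creep_rate(accounts):
    """Of users who changed roles, share still holding entitlements from a prior role."""
    movers = [a for a in accounts if a["prior"]]
    crept = [a for a in movers if any(
        (ROLE_BASELINE[r] - ROLE_BASELINE[a["role"]]) & a["ents"] for r in a["prior"])]
    return pct(len(crept), len(movers))

def median_days_to_revoke(accounts):
    """Median days between a leaver's exit date and the account being disabled."""
    return median((a["disabled"] - a["left"]).days for a in accounts if a["left"] and a["disabled"])

def privileged_visibility_gaps(accounts):
    """Privileged accounts (humans, bots or agents) lacking an owner or a stated purpose."""
    return sorted(a["user"] for a in accounts if a["priv"] and not (a["owner"] and a["purpose"]))

def orphaned_accounts(accounts, stale_days=90):
    """Enabled accounts with no sign-in inside the stale window, or whose user has left."""
    return sorted(a["user"] for a in accounts if not a["disabled"]
                  and (a["left"] or (TODAY - a["last_login"]).days > stale_days))
```

In a real program these functions would be fed from the directory and IGA exports rather than inline literals, and each result would be tracked as a trend over time rather than as a single snapshot.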
