CIS14: Identity Therapy: Surviving the Explosion of Users, Access and Identities

Kurt Johnson, Courion

A discussion of how identity management needs to move to the next generation of intelligent IAM, combining traditional elements of provisioning and governance with continuous monitoring and rich analytics to identify risk, threats, and vulnerabilities to access.

  1. Identity Therapy: Surviving the Explosion of Users, Access, and Identities. Kurt Johnson, VP Strategy & Corporate Development, Courion Corporation (@kurtvjohnson)
  2. Courion Mission: Help customers succeed in a world of open access and increasing threats.
  3. Customer Need (diagram: Mobile Apps, Cloud Systems & Apps, Data, Resources, Assets, Systems & Apps, ACCESS). Ensure the Right People have the Right Access to the Right Resources and are doing the Right Things.
  9. Reputation Risk
  10. Financial Risk
  15. Number of breaches per threat action category (chart). Source: 2014 Verizon Data Breach Investigations Report
  16. Hacking breaches by type, 2009 to 2013 (chart, 0% to 60%; series: Use of stolen credentials, Brute force, Backdoor or C2, SQL, Footprinting). Source: 2014 Verizon Data Breach Investigations Report
  17. Identity and Access Management Controls: Provisioning, Governance
  19. “2013 may be remembered as the ‘year of the retailer breach’, but a comprehensive assessment suggests it was a year of transition from geopolitical attacks to large-scale attacks on payment card systems.”
  20. Verizon 2014 PCI Compliance Report
  21. PCI DSS Requirement 8: Identify and authenticate access to system components. “Only 24.2% of organizations that suffered a security breach were compliant with Requirement 8 at the time of the breach.” “64.4% of organizations failed to restrict each account with access to cardholder data to just one user.” “More than half of insiders committing IT sabotage were former employees who regained access via backdoors or corporate accounts that were never disabled.” Source: Verizon 2014 PCI Compliance Report
  22. Top Audit Findings (chart, 0% to 40%, years 2009, 2010 and 2012): Lack of sufficient segregation of duties; Removal of access following a transfer or termination; Excessive developers' access to production systems and data; Excessive access rights. Chart values as extracted: 30%, 18%, 22%, 31%, 31%, 27%, 31%, 38%, 28%, 29%, 29%, 36%. Source: Deloitte Global Financial Services Security Survey
  24. Identity and Access Management Controls: Provisioning, Governance
  32. Identity of the Internet of Things (ID) (IoT)
  33. ID IoT
  35. Source: PWC Global State of Information Security Survey, 2014
  36. Percent of breaches where time was days or less (chart). Source: 2014 Verizon Data Breach Investigations Report
  37. POS Intrusions Discovery Method (chart): External 99%, Internal 1%. Source: 2014 Verizon Data Breach Investigations Report
  38. “Shift your security mindset from incident response to continuous response, wherein systems are assumed to be compromised and require continuous monitoring and remediation.” “Designing an Adaptive Security Architecture for Protection From Advanced Attacks”, Peter Firstbrook and Neil MacDonald, 2014.
  48. Multi-dimensional analysis: Trillions of access relationships. POLICIES: 100’s of policies & regulations. RESOURCES: 1000’s of applications, file shares & resources. ACTIVITY: Millions of actions. RIGHTS: 100’s of thousands of access rights & roles. IDENTITY: 100,000’s of people, millions of identities.
  53. Intelligent Governance: new account created outside provisioning system; high risk application; high risk set of entitlements; employee not in HR system; …another; …and another
  54. Provisioning Today: Provisioning Request → Policy Evaluation → Approval → Fulfillment (or Reject Request)
  55. Intelligent Provisioning: Provisioning Request → Policy Evaluation → Risk Scoring → Fulfillment
  56. Intelligent Provisioning: Provisioning Request → Policy Evaluation → Risk Scoring → Approval → Fulfillment (or Reject Request)
  57. Intelligent Provisioning: Provisioning Request → Policy Evaluation → Risk Scoring → Approval → Additional Approval → Fulfillment (or Reject Request)
  61. “By year-end 2020, identity analytics and intelligence (IAI) tools will deliver direct business value in 60% of enterprises, up from <5% today.” Intelligent IAM
  62. Intelligent IAM: Governance, Provisioning, Continuous Monitoring & Analytics, Policy
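The governance triggers on slide 53 and the risk-scored provisioning flow on slides 54 to 57 are the deck's only procedural content, so here is one worked example that implements both: a request passes policy evaluation (HR presence, segregation of duties), receives an additive risk score, and is routed to fulfilment, approval, additional approval or rejection; the same scoring is then run as a detective sweep over existing accounts. This is added example code, not Courion's product and not code from the presentation; the HR list, application catalogue, SoD rule, weights and thresholds are all constructed assumptions.

```python
from dataclasses import dataclass

# Constructed reference data standing in for an HR feed, an application
# catalogue and a segregation-of-duties rulebook (assumptions, not Courion data).
HR_EMPLOYEES = {"alice", "bob", "carol"}
HIGH_RISK_APPS = {"payroll", "cardholder-db"}
HIGH_RISK_ENTITLEMENTS = {"db_admin", "payment_export"}
# Holding both entitlements of a pair is a policy violation (assumed rule).
SOD_CONFLICTS = [frozenset({"ap_invoice_create", "ap_invoice_approve"})]

# Assumed weights and thresholds; tune them to your own environment.
WEIGHT_HIGH_RISK_APP = 3
WEIGHT_HIGH_RISK_ENTITLEMENT = 2      # per risky entitlement requested
WEIGHT_OUTSIDE_PROVISIONING = 4
APPROVAL_THRESHOLD = 3                # score >= this needs an approver
ADDITIONAL_APPROVAL_THRESHOLD = 6     # score >= this needs a second approver


@dataclass
class ProvisioningRequest:
    user: str
    application: str
    entitlements: frozenset
    existing_entitlements: frozenset = frozenset()
    via_provisioning_system: bool = True


@dataclass
class Decision:
    route: str            # "reject", "fulfill", "approval" or "additional_approval"
    score: int
    findings: list


def policy_evaluation(req):
    """Hard policy checks (slide 54 'Policy Evaluation'); any finding rejects the request."""
    findings = []
    if req.user not in HR_EMPLOYEES:
        findings.append("employee not in HR system")
    combined = req.existing_entitlements | req.entitlements
    for pair in SOD_CONFLICTS:
        if pair <= combined:
            findings.append("segregation-of-duties conflict: " + ", ".join(sorted(pair)))
    return findings


def risk_scoring(req):
    """Additive risk score (slide 55 'Risk Scoring') built from the slide 53 triggers."""
    score, findings = 0, []
    if req.application in HIGH_RISK_APPS:
        score += WEIGHT_HIGH_RISK_APP
        findings.append("high risk application")
    risky = req.entitlements & HIGH_RISK_ENTITLEMENTS
    if risky:
        score += WEIGHT_HIGH_RISK_ENTITLEMENT * len(risky)
        findings.append("high risk set of entitlements: " + ", ".join(sorted(risky)))
    if not req.via_provisioning_system:
        score += WEIGHT_OUTSIDE_PROVISIONING
        findings.append("new account created outside provisioning system")
    return score, findings


def route_request(req):
    """Slide 57 flow: policy evaluation, then risk scoring, then fulfil, approve or escalate."""
    violations = policy_evaluation(req)
    if violations:
        return Decision("reject", 0, violations)
    score, findings = risk_scoring(req)
    if score >= ADDITIONAL_APPROVAL_THRESHOLD:
        route = "additional_approval"
    elif score >= APPROVAL_THRESHOLD:
        route = "approval"
    else:
        route = "fulfill"
    return Decision(route, score, findings)


def governance_sweep(accounts):
    """Detective counterpart (slide 53): score existing accounts, not just new requests,
    so accounts that bypassed provisioning or outlived their owner surface for review."""
    flagged = {}
    for acct in accounts:
        req = ProvisioningRequest(acct["user"], acct["application"],
                                  frozenset(acct["entitlements"]),
                                  via_provisioning_system=acct["provisioned"])
        findings = policy_evaluation(req)
        score, risk_findings = risk_scoring(req)
        findings += risk_findings
        if findings:
            flagged[acct["user"] + "@" + acct["application"]] = (score, findings)
    return flagged


# Constructed account inventory for the sweep.
SAMPLE_ACCOUNTS = [
    {"user": "alice", "application": "wiki", "entitlements": ["reader"], "provisioned": True},
    {"user": "eve", "application": "payroll", "entitlements": ["db_admin"], "provisioned": False},
]

if __name__ == "__main__":
    d = route_request(ProvisioningRequest("alice", "cardholder-db", frozenset({"db_admin"})))
    print(d.route, d.score, d.findings)
    for key, (score, findings) in governance_sweep(SAMPLE_ACCOUNTS).items():
        print(key, score, findings)
```

The split between `policy_evaluation` and `risk_scoring` mirrors the deck's distinction: policy violations (no HR record, a segregation-of-duties conflict) are binary and reject the request, while risk factors accumulate into a score that only decides how much approval a request needs. Running the same functions over the account inventory is what turns the provisioning-time control into the continuous governance the later slides argue for.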
