In May, news broke that the UK’s National Health Service (NHS) had shared “details about patients’ medical conditions, appointments and treatments with Facebook.” NHS trusts accidentally shared “granular details” about the pages patients viewed, their IP address, and Facebook account information.
The NHS story demonstrates the interconnectedness of today’s world—and the risks that can result from those interconnections: more users with more accounts are generating more information on more devices, with complex access and compliance requirements regulating how that information is stored and processed. That growth and complexity create a larger and more vulnerable attack surface.
Fittingly, that same month leaders from across Europe traveled to V2 Cybersecurity 2023, Denmark’s largest conference on cyber security and data. Nearly all of Europe is grappling with how to prepare for an increasingly interconnected and at-risk world: The European Union member states and the European Parliament are developing an Architectural Reference Framework that will develop implementation guidelines for the European Digital Identity Framework. The European Parliament is also developing the Network and Information Security (NIS2) directive, “the first piece of EU-wide legislation on cybersecurity,” which will have direct impacts on the future of identity security and compliance requirements.
The first line of defense
With these emerging regulations taking shape and the attack surface expanding rapidly, identity security was top of mind at V2 Cybersecurity. The Identity security domain plays a crucial role.
During the event, I detailed the importance of safeguarding our personal information and the role that identity plays in securing our digital presence. Our identities serve as the key to accessing various aspects of our lives, including financial transactions, online accounts, governmental services, and personal data.
Yet despite its critical role, identity security for both individuals and organizations tends to be somewhat lacking. Ransomware attacks have consistently remained a top threat despite investments in detection and remediation. Ransomware attacks are often preceded by credential theft allowing cybercriminals to move laterally to critical assets to encrypt an organization’s data. Stolen credentials are one of the hardest to identify and remediate according to the Cost of Data Breach Report issued by IBM.
Another way of putting it: one of cybersecurity’s top threats begin by attacking identity. It follows that, by strengthening identity protection using phishing-resistant technologies and intelligence and resilient multi-factor authentication (MFA), we can effectively combat this threat.
More than security
Bad as ransomware is, it’s not the only threat attacking identities. Some of the biggest breaches of 2022 attacked gaps in organizations’ identity infrastructures—and many evaded MFA or had gaps in their user life cycle management and in some cases both.
As cyber threats continue to evolve, it is imperative to recognize the critical role our identity plays in protecting our digital assets. Using advanced techniques through AI and policies that provide secure alternate techniques reduces risk and providing mobile threat detection software also enables compliance with NIS2 requirements. By securing identity, not only through stronger authentication that protects against MFA attacks but also through greater automation and visibility to provide insights to access and the phases of the user lifecycle, we fortify the first line of defense against malicious actors seeking to exploit our personal information.
There is some good news: while security is paramount, investing in identity can help organizations maintain compliance, provide frictionless experiences, reduce help-desk costs, and automate authentication for high-risk access requests. Identity serves various roles across the organization, which is why leaders should prioritize it accordingly. As a risk mitigation strategy, it covers a lot of ground for the investment.