Seeing through the data: evolving identity governance with AI
February 22, 2018
By Kevin Cunningham, Chief Strategy Officer at SailPoint
In cybersecurity, visibility is everything. As last year’s repeated, high-profile cyberattacks proved, businesses are struggling to stay a step ahead in an ever-changing security landscape, facing cybercriminals who are ever more sophisticated, often outpacing today’s security investments. To put this into perspective, in the first half of 2017, over 1.9 billion records were exposed in data breaches. With many notable breaches occurring in the latter half of the year, it’s very possible we may dub 2017 the newest “Year of the Breach.”
With the EU General Data Protection Regulation (GDPR) around the corner levying hefty fines of up to 4% of a company’s turnover, it’s now more important (and more challenging) than ever for businesses to implement appropriate security strategies to protect their sensitive data and their reputations.
Identity governance is key in providing the much-needed oversight that security teams are seeking, because it provides complete visibility into and control over who has access to what, and whether that is appropriate for their relationship with the company. But with today’s overburdened security teams facing a barrage of alerts on a daily, hourly, and even by-the-minute basis, it’s near-impossible to manually sift through the noise to spot a potential threat tied to a stolen identity or misused credentials.
Businesses must now adopt practices to ‘see through’ the incredible amount of identity data that is circulating their systems, and that’s where identity analytics comes in.
Extending an overall identity programme with analytics makes identity governance smarter, helping businesses better understand the risks associated with user access by detecting anomalies that may be indicative of a breach and focusing governance controls to more efficiently and effectively manage identities. Identity analytics provides businesses risk context around their identity data, allowing them to focus on areas of heightened risk, automate low-risk activity and respond in real time, freeing security teams up to pursue more value-added activities that require deeper analytical skills to solve complex security problems.
Next level of identity management
At the core of identity analytics are a set of machine learning and artificial intelligence technologies. Artificial intelligence (AI) has been disrupting industries of all kinds, and identity governance is no exception. When it comes to identifying attacks and breaches, a large part of the challenge is quickly identifying what events actually matter. Business and security professionals can struggle to make sound decisions without the proper context, which is difficult to obtain amidst a sea of data and alerts.
Furthermore, the ability to crunch data and accelerate business productivity through powerful data analysis and machine learning optimizes identity governance processes. Learning from both data and human interactions, AI can solve some of the most common challenges that identity programmes face.
AI can make identity-aware infrastructures smarter, more intelligent, and more responsive, providing higher quality decision making within security programmes. Machine learning technology provides the analytical power and insight needed to effectively sort through all of the ‘identity noise’ to find those anomalies that really matter. This way, instead of working harder, businesses can begin to work smarter.
An identity management programme powered by AI can identify and contextualise behaviour, enhancing operational efficiency and business productivity. Visibility is key in any identity governance program, but the ability to turn that visibility into insights about high-risk users, access, and behaviours is even more important. These insights allow businesses to focus controls on the riskiest and most likely scenarios to be abused by external attackers or rogue insiders.
This real-time analysis of what is actually happening in the environment gives businesses the foresight needed to protect themselves and have a greater perspective on risk. Identity analytics is the logical and critical next step in the evolution of identity management.
About the author
Kevin Cunningham, Chief Strategy Officer at SailPoint
In his role as Chief Strategy Officer of SailPoint, Kevin is focused on the future of identity and driving the company’s product strategy to meet customer challenges. As co-founder of SailPoint, Kevin’s goal from the beginning was to build a forward-looking, agile company with the experience to deliver better service and superior innovation to customers. SailPoint combines all the flexibility of a small entrepreneurial company with a seasoned, experienced management team that brings deep expertise to the identity management space.
Under Kevin’s leadership, SailPoint has achieved landmark growth, posting significant revenue gains, expanding the customer and employee base, and building a global presence. Kevin works continuously to sharpen SailPoint’s strategic focus and to align strategic partnerships and corporate development with long-term expansion opportunities.
Ben Bulpett, EMEA Director, SailPoint, explores how organisations can safeguard against the insider threat. Today, a job is no longer for life. Job hopping, second careers and the ‘portfolio’ career are all …
Moving to a multi-cloud environment requires an appropriate security approach to ensure your data, applications, and systems stay protected. Steve Armstrong, Regional Sales Director of UK & Ireland at Bitglass, …