Identity & Access Managements, GRC, SIEM: Tackling Identity Risk as One

In the late 1700s, the first Industrial Revolution forever changed the course of human history. The steam engine, machine-powered automation and the factory system made the manufacture and availability of goods ubiquitous. Today, we are in the midst of the next great industrial revolution as the power of cloud, mobility and machine-based analytics makes the goods of the 21st century—information—available to anybody at any time, and from anywhere. This digital transformation changes the way we work, the way we live and the way we interact with one another. Businesses that do not embrace this change will quickly find themselves going the way of the horse-and-buggy.

This transformation comes with a cost. Digital transformation introduces digital risk, with identity risk being one of the most significant. 81 percent of web-based attacks use stolen credentials. In 2017 alone, this equated to more than 164 million compromised user accounts, along with untold billions of dollars in damages from intellectual property theft, regulatory fines and reputational damage. Identity risk has become a board-level conversation and can no longer remain the sole responsibility of the identity and access management team. Understanding and mitigating this risk requires a continuous and pervasive fabric of identity analytics and insights connecting the disciplines of identity and access management (IAM), security information and event management (SIEM), and governance, risk and compliance (GRC) to answer the “Four Ws” of identity risk (in the spirit of journalism’s classic “Five Ws” of information).

The role of identity and access management systems (Read more...)

*** This is a Security Bloggers Network syndicated blog from RSA Blog authored by Dave Taku. Read the original post at: http://www.rsa.com/en-us/blog/2018-07/iam-grc-siem-tackling-identity-risk-as-one.html