Joe Diamond, senior director of product marketing for Okta, said as it becomes more apparent that cybersecurity is a shared responsibility, there is a growing need to provide cybersecurity tools that are designed to meet the needs and capabilities of different classes of users.
The first two products being rolled out as part of an Okta SecurityInsights initiative are UserInsight, a tool through which end users can report suspicious activity, and HealthInsight, which surfaces best cybersecurity practices recommendations for administrators.
After Okta UserInsight allows end users to report suspicious activity, Okta Cloud services can then use those alerts to employ identity to automate incident remediation workflows, thanks to integration between Okta Cloud and third-party security orchestration, automation and response (SOAR) and security information and event management (SIEM) platforms.
Okta HealthInsight then leverages all those alerts along with continuous monitoring capabilities to make suggestions to improve cybersecurity that can be implemented automatically via the HealthInsight console, said Diamond.
Okta, he noted, is simultaneously trying to make it practical to employ end users as a first line of cybersecurity defense, while making it easier for cybersecurity professionals to act on the intelligence.
Diamond added the company envisions making it possible for IT professionals of varying skill sets to also respond to new cybersecurity threats by, for example, enabling a developer to apply a cybersecurity policy without having to wait for the approval of a cybersecurity team. The assumption is that once a threat is recognized, an organization should be able to address it without requiring cybersecurity teams to be available on a 24/7 basis.
Okta SecurityInsights is a complementary portfolio of offerings that complements the authentication software and services that the company is already known for among cybersecurity professionals, Diamond said. Both UserInsight and HealthInsight are built on top of its ThreatInsight offering, which aggregates data supplied by Okta customers to identify malicious IP addresses.
End users, of course, are always going to need some level of continuous training as the cybersecurity threat landscape continues to evolve. However, given the volume of threats organizations face today, there’s no viable cybersecurity framework going forward that won’t rely on some level of input from end users. They aren’t likely to be able to identify every type of new threat, but the more end users perceive they have the ability to do something about the threats they do recognize, the more likely it becomes they will participate more proactively in helping to combat those attacks.
In the meantime, overtaxed and underappreciated cybersecurity professionals should look for help from anywhere in the organization they can find it. Cybersecurity professionals might even be able to take a day off here and there knowing that until they return, someone in the organization other than them can fend off a new attack.