What You Missed in the White House National Cybersecurity Strategy

On the heels of the White House’s National Cybersecurity Strategy, there were plenty of reactions and opinions about how cybersecurity strategies and priorities must change. But most people missed one critical callout: Enterprises and major cybersecurity providers must prioritize digital identity solutions, emphasizing a more proactive approach to security as responsibilities shift away from consumers and small-to-medium-sized businesses (SMBs) and onto larger Fortune 500 and enterprise organizations.

The identity security piece is absolutely crucial because compromised identity credentials are the reason behind most data breaches. Today, the tools and processes exist to shift to a more proactive approach, so organizations need to urgently mitigate the risk of a data breach, or it’s likely that not just one but multiple breaches will occur.

As industries across the nation begin to rethink and reprioritize their cybersecurity strategies in 2023, there are five key factors that will help businesses of all sizes close identity security gaps and shift to a more proactive approach, ultimately protecting employee and customer data:

1. Identify and Assess Your Risk

How companies identify and assess risk will greatly differ not only across industries but even from business to business. Understanding how your data is being collected and stored, as well as the potential threats to that data, is paramount. Something as simple as subscribing to a threat assessment service and keeping up with daily security news can be extremely helpful in staying up-to-date on what initiatives deserve your attention.

A perfect example of this is the rise in ransomware attacks on hospitals during COVID-19. The more sick people there are, the more money a hospital is bringing in and, ultimately, the more information is being shared and stored. Threat actors recognize when organizations are doing well and might have data storage challenges, and those are the ones they target most. They’re constantly innovating, so your organization should be, too.

2. Implement Security Controls

Imposing controls on your data, users and applications includes encrypting data while it’s at rest and in transit, as well as implementing standard access management procedures so the right people have the right access at the right time and for the right reason. This is the mantra cybersecurity experts must follow.

To do this properly, ensure the technology you have in place is functioning in a comprehensive way, and review it at least quarterly to assess whether updates are needed. If your business is still operating on technology that was implemented a decade ago, you’re not safe from today’s threat actors.

Another important piece of the identity and security puzzle is ensuring that you have intrusion detection and prevention systems implemented so that alerts notify your team of a potential breach before it takes place or, at the very least, as it’s taking place. Often, organizations find out about a breach when it is already days or sometimes weeks old. The longer it takes to discover a breach, the deeper a threat actor can go, which makes them harder to stop.

3. Educate Your Employees

Employees are your frontline security defense, either helping to protect your data or exposing your organization’s weaknesses. Employee education has to be continuous and ongoing, beyond the ineffective annual seminar or short video course and five-question quiz.

Implementing faux phishing campaigns for your workforce is a great way of putting employees in real-life scenarios that teach them what to look out for and how to handle communications that seem trustworthy at first glance but are actually malicious. Real-world examples like this are a must to get employees practicing and actively thinking through what threats look like so they don’t fall victim and put your organization at risk.

Putting modern identity security tools in place to protect your employees is in the best interest of the organization as a whole, and can actually make their authentication process simpler: Tools like multifactor authentication (MFA) and single sign-on (SSO) are going to decrease the risk of breach due to compromised passwords, and—if done right—will be straightforward for any employee to use properly. Cutting down on logins makes life easier and safer for your workforce and, in turn, makes your data safer and harder to breach due to human error.

4. Monitor Your Systems

Real-time monitoring provides a ton of value today and comes back to having a comprehensive detection system in place. This requires investing a bit proactively to integrate your existing tools and actively monitor for suspicious activity, but there are pre-built solutions today capable of fulfilling this need.

Additionally, having internal employees or a third-party team comb through these systems and be in charge of managing them will help weed out any false positives to locate the real issues within all of the “unusual activity” noise. Without the right platform and people in place to monitor regularly, small issues can become big problems in a matter of days.

5. Prepare a Reaction Plan

A strategic data breach reaction plan is necessary even with a proactive identity security approach. Once created, practice what your team would do following a data breach via tabletop exercises to ensure everyone knows how to move forward immediately. Trying to figure it out on the fly while systems are down is extremely painful and costly, so preparation is the key.

Each of these factors is a great initiative on its own, but putting them into action together will create a unified, proactive security posture with a zero-trust architecture to enforce identity security across data storage systems. This will not only bring real value to your organization by preventing expensive data breaches but will keep you ahead of government regulations and fines that can be levied upon businesses deemed too careless.

It’s a matter of when, not if, a data breach will occur, so it’s in your best interest to make your organization a tough target for threat actors.

James Quick

Dr. James Quick is Identity Advisor & Director of Legal Technology at Simeio. He has 25 years of cybersecurity and digital identity experience providing strategy and solution implementation services for clients. At Simeio, he specializes in Identity Governance and Administration (with 7+ years of experience on Saviynt) and Privileged Access Management, where he’s the author of many thought leadership articles in leading computer security trade publications. Prior to joining Simeio, James gained consulting experience from Arthur Andersen, PwC, and EY, and has a successful record of providing trusted advice on a range of strategic cybersecurity issues. At internet technology innovators like Netscape and Cisco, he led digital transformation programs that delivered cybersecurity protections for customers, increased revenue, and made their use of the internet safer. Dr. Quick earned his PhD in Philosophy from Duquesne University, an LLB (Hons) from the University of London and is completing an LLM at l’Université Catholique de Lyon in Digital Law & Technology.