www.helpnetsecurity.com
Open in
urlscan Pro
54.203.13.2
Public Scan
URL:
https://www.helpnetsecurity.com/2023/08/01/identity-security-knowledge/
Submission: On August 02 via api from TR — Scanned from DE
Submission: On August 02 via api from TR — Scanned from DE
Form analysis
1 forms found in the DOMPOST
<form id="mc4wp-form-1" class="mc4wp-form mc4wp-form-244483 mc4wp-ajax" method="post" data-id="244483" data-name="Footer newsletter form">
<div class="mc4wp-form-fields">
<div class="hns-newsletter">
<div class="hns-newsletter__top">
<div class="container">
<div class="hns-newsletter__wrapper">
<div class="hns-newsletter__title">
<i>
<svg class="hic">
<use xlink:href="#hic-plus"></use>
</svg>
</i>
<span>Cybersecurity news</span>
</div>
</div>
</div>
</div>
<div class="hns-newsletter__bottom">
<div class="container">
<div class="hns-newsletter__wrapper">
<div class="hns-newsletter__body">
<div class="row">
<div class="col">
<div class="form-check form-control-lg">
<input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="520ac2f639" id="mcs1">
<label class="form-check-label text-nowrap" for="mcs1">Daily Newsletter</label>
</div>
</div>
<div class="col">
<div class="form-check form-control-lg">
<input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="d2d471aafa" id="mcs2">
<label class="form-check-label text-nowrap" for="mcs2">Weekly Newsletter</label>
</div>
</div>
</div>
</div>
<div class="form-check form-control-lg mb-3">
<input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="28abe5d9ef" id="mcs3">
<label class="form-check-label" for="mcs3">(IN)SECURE - monthly newsletter with top articles</label>
</div>
<div class="input-group mb-3">
<input type="email" name="email" id="email" class="form-control border-dark" placeholder="Please enter your e-mail address" aria-label="Please enter your e-mail address" aria-describedby="hns-newsletter-submit-btn" required="">
<button class="btn btn-dark rounded-0" type="submit" id="hns-newsletter-submit-btn">Subscribe</button>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="AGREE_TO_TERMS" value="1" id="mcs4" required="">
<label class="form-check-label" for="mcs4">
<span>I have read and agree to the <a href="https://www.helpnetsecurity.com/newsletter/" target="_blank" rel="noopener" class="d-inline-block">terms & conditions</a>
</span>
</label>
</div>
</div>
</div>
</div>
</div>
</div><label style="display: none !important;">Leave this field empty if you're human: <input type="text" name="_mc4wp_honeypot" value="" tabindex="-1" autocomplete="off"></label><input type="hidden" name="_mc4wp_timestamp"
value="1690942672"><input type="hidden" name="_mc4wp_form_id" value="244483"><input type="hidden" name="_mc4wp_form_element_id" value="mc4wp-form-1">
<div class="mc4wp-response"></div>
</form>
Text Content
searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus * News * Features * Expert analysis * Videos * Events * Whitepapers * Industry news * Product showcase * Newsletters * * * Help Net Security August 1, 2023 Share THE GAP IN USERS’ IDENTITY SECURITY KNOWLEDGE GIVES CYBERCRIMINALS AN OPENING With exponential growth in the number of human and machine actors on the network and more sophisticated technology in more places, identity in this new era is rapidly becoming a super-human problem, according to RSA. Paradoxically, even in this world where AI can dynamically assess risks and automate responses to threats, humans will have an even more important and strategic role in cybersecurity and identity security. The report found significant gaps in respondents’ knowledge concerning critical identity vulnerabilities, best practices for securing identity, and how to develop stronger identity security. For instance, 63% of respondents could not accurately identify the identity components needed to move organizations toward zero trust. Likewise, 64% of respondents did not select the best practice technologies for reducing phishing. 55% did not understand the full scope of identity capabilities that can improve an organization’s security posture. DATA BREACHES These findings align with third-party research indicating that identity is the most frequent cause of data breaches: the Verizon’s report found that the use of “stolen credentials became the most popular entry point for breaches” over the past five years. “The RSA’s report reveals why identity is one of the most susceptible ways for cybercriminals to breach an organization—users simply don’t understand identity’s full cybersecurity role, the risks that identity poses, or the ways to use identity to build safer organizations,” said RSA CEO Rohit Ghai. “The gaps in users’ identity knowledge give cybercriminals openings to exploit.” Among self-described IAM experts, 65% did not accurately select best practices to reduce phishing and 42% underestimated the frequency with which users recycle their passwords. “Growing numbers of users, devices, entitlements, and environments are overburdening IAM specialists—they just can’t keep up,” said RSA CPO Jim Taylor. “Identity plays critical roles across organizations, and for organizations to stay secure and compliant, identity needs to excel in each of those roles. The RSA’s report results reveal why organizations need to invest in unified identity solutions and integrate artificial intelligence to help their personnel keep up with the pace of change.” PERSONAL DEVICES POSE SECURITY RISKS 64% of respondents put more trust in technical innovations like a computer or password manager with securing their information than their partner, closest friend, or financial advisor. Respondents felt even stronger about artificial intelligence’s potential to improve identity security: 91% of respondents believed that AI can detect suspicious authorizations and access attempts, identify irregularities in entitlements, and recognize vulnerabilities on mobile devices. 72% of respondents believed that people frequently use personal devices to access professional resources. 97% cybersecurity experts felt that users opened more emails on their phones than on desktops, had more difficulty scrutinizing those emails on mobile devices, used personal devices to access professional resources, and/or that unmanaged devices don’t have the same security capabilities as managed devices. Each of those factors could catalyze identity compromise—together, they represent a perfect storm of risks. These responses align with Zimperium’s report, which found that the average user is 6-10 times more likely to fall for an SMS phishing attack than an email-based attachment. FRAGMENTED IDENTITY SOLUTIONS DRIVE UP COSTS Nearly three-quarters of all respondents either didn’t know or significantly under-valued the cost of a password reset, including nearly half of all self-described IAM experts. With each password reset costing upwards of $70, resets can account for nearly half of all IT help desk costs. The fact that 73% of respondents can’t accurately price this expense or understand its impact on their IT counterparts could lead to run-away costs, underscoring the value of using one identity solution for both authentication and access. The report also revealed how inadequate identity governance and administration hurts organizational productivity. 30% of all respondents reported that they were prevented from accessing the systems needed to do their work at least once a week. More about * artificial intelligence * cybersecurity * data breach * identity * phishing * report * risk * RSA * survey * Verizon * Zimperium Share this FEATURED NEWS * Android n-day bugs pose zero-day threat * US government outlines National Cyber Workforce and Education Strategy * Keeping the cloud secure with a mindset shift Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database SPONSORED EBOOK: 9 WAYS TO SECURE YOUR CLOUD APP DEV PIPELINE FREE ENTRY-LEVEL CYBERSECURITY TRAINING AND CERTIFICATION EXAM GUIDE: ATTACK SURFACE MANAGEMENT (ASM) DON'T MISS ANDROID N-DAY BUGS POSE ZERO-DAY THREAT US GOVERNMENT OUTLINES NATIONAL CYBER WORKFORCE AND EDUCATION STRATEGY STREMIO VULNERABILITY EXPOSES MILLIONS TO ATTACK KEEPING THE CLOUD SECURE WITH A MINDSET SHIFT STRATEGIES FOR ENSURING COMPLIANCE AND SECURITY IN OUTDATED HEALTHCARE IT SYSTEMS Cybersecurity news Daily Newsletter Weekly Newsletter (IN)SECURE - monthly newsletter with top articles Subscribe I have read and agree to the terms & conditions Leave this field empty if you're human: © Copyright 1998-2023 by Help Net Security Read our privacy policy | About us | Advertise Follow us ×