《Delinea：2024 AI時代的身份安全狀況——全球調查報告（英文版）（16頁）.pdf》由會員分享，可在線閱讀，更多相關《Delinea：2024 AI時代的身份安全狀況——全球調查報告（英文版）（16頁）.pdf（16頁珍藏版）》請在三個皮匠報告上搜索。

1、The State of Identity Security in the Age of AI 2024 Global Survey ReportRESEARCH REPORT The State of Identity Security in the Age of AI 2Executive SummaryEffective identity security is important for preventing cyberattacks,maintaining data privacy,meeting compliance demands,and avoiding financial f

2、raud.With 80%of companies worldwide experiencing an identity-related cyberattack this year,and 93%of victims suffering measurable losses,the stakes are high.Though IT and security decision-makers are aware of identity-related threats and working diligently to combat them,theyre heavily dependent on

3、static,manual techniques that involve human effort and skill.As the identity attack surface becomes more dynamic and cyber criminals leverage automation and Artificial Intelligence(AI)to launch large-scale attacks,existing identity security techniques wont be able to keep up.How can AI improve ident

4、ity security?With this context in mind,we wanted to understand how organizations around the world think about the risk of identity-based attacks and the security strategies they currently employ,including emerging defense capabilities such as AI.To find out,we surveyed 1,800 IT and security decision

5、-makers across 21 countries,representing companies with over 500 employees in a wide range of industries.The data shows that companies expect to apply AI to identity security use cases.Theyre more likely to use AI to surface information,prioritize whats important,and save time,rather than take kinet

6、ic action.In this report,youll learn about the current state of AI adoption for identity security,compared with processes that rely on human effort.Youll get insights into why automation is imperative for stronger security,business continuity,and efficiency.And,youll see how you can begin to make th

7、e shift toward intelligent,dynamic identity security controls in your own organization.RESEARCH REPORT The State of Identity Security in the Age of AI 3The Identity Attack Chain Examples of identity-related attacks are frequently in the news,and often have devastating consequences.Earlier this year,

8、an identity-based cyberattack on Change Healthcare used a set of stolen credentials to remotely access the companys systems that werent protected by multi-factor authentication(MFA)and successfully stole a huge amount of private healthcare data.The attack cost the company almost$900 million and had

9、massive repercussions for healthcare providers and patients.All along the Identity Attack Chain,adversaries strive to obtain privileges that provide access to data and systems.Attackers may obtain credentials through nefarious means such as malware,brute force attacks,or via access brokers or code r

10、epositories.Many threat actors socially engineer users and establish an initial foothold on workstations.Once they gain initial access,attackers can operate undetected inside your environment under the disguise of an authenticated user account.They commonly use that inroad to deliver a weaponized pa

11、yload that will execute their agenda,such as malware to encrypt data for ransom.Ultimately,through lateral movement and privilege elevation,adversaries gain domain administrator access to own the entire trust fabric(e.g.,Active Directory).Because they have elevated privileges,they can cover their tr

12、acks and can stay hidden for long periods.In todays multi-cloud environment,the identity attack chain becomes much more complex to protect,for several reasons:Instead of a small admin group,numerous people and systems have access to data and resources and may even generate identities.A mix of differ

13、ent identity providers,federated apps/services,and local CSP users restrict identity monitoring and limit understanding of privileged behavior.Modern cloud environments have intricate permission models with thousands of possible permissions across numerous services.Cloud environments experience rapi

14、d shifts with new identities(especially machine identities)created constantly,and entitlements provisioned and removed at breakneck speeds.Misconfigured Groups in identity management systems and/or cloud resources inadvertently expose risks.RESEARCH REPORT The State of Identity Security in the Age o

15、f AI 4Key Finding 1 Todays identity security strategies are overly reliant on manual,static processes.To combat identity-based attacks,respondents are highly focused on managing human behavior,using human-driven processes.Respondents believe their biggest identity security risk is getting users to c

16、omply with policies.Not getting users to comply with identity security policiesNot knowing which identities have access to what dataNot knowing what identities are operating in your environment Not identifying privileged access abuseNot securing credentials OtherNot auditing privileged usage Not aud

17、iting shared accounts 31%28%28%26%21%20%18%1%Figure 1|What do you consider to be your greatest risk related to identity security?Select up to two RESEARCH REPORT The State of Identity Security in the Age of AI 5They believe the most vulnerable parts of their attack surface have a lot of human intera

18、ction.Their biggest barrier to improvement?You guessed it people.The people we have dont have the necessary skills We dont have the budget The board does not appreciate the importance of identity security We dont have enough people We dont have the right tools Were not facing any barriersWe dont hav

19、e the time 29%23%22%22%22%20%15%Figure 2|What are the main barriers that you are facing when it comes to improving identity security?With this perspective,its no wonder that current identity security strategies are hyper-focused on improving human control.We see this in how organizations evaluate ri

20、sk.And how they manage authorization.User access is determined by role in the organization Manual approvals authorize access requests User access is based on attributes or policies We make risk-based decisions in real-time Everyone has access to everything 35%23%21%16%6%Figure 3|How do you typically

21、 decide who needs access to specific IT resources?RESEARCH REPORT The State of Identity Security in the Age of AI 6For now,manual controls give companies confidence.Almost half of respondents worldwide(46%)claim theyre successfully adapting and evolving to meet the identity security challenge.Securi

22、ty confidence remains strong even in complex,multi-cloud environments.Were adapting and evolving to keep pace with the threat landscape We need to re-invigorate the importance of this across the organizationWe have a great approach,but were lacking the resources/budget to truly deliver on our strate

23、gyWere not implementing anything new,just keeping the lights on44%29%14%13%Figure 4|Which of the following best describes your current identity security strategy?Strongly Agree Strongly Disagree Agree Disagree Dont know%Agree35%58%5%1%1%93%Figure 5|To what extent do you agree or disagree with the fo

24、llowing statement:I am confident that my organization can secure identities across our multi-cloud environment.RESEARCH REPORT The State of Identity Security in the Age of AI 7And at key points in the Identity Attack Chain.Although security teams are less confident than IT teams.While all respondent

25、s expressed confidence in their identity security strategy,those with IT-related titles(CIO,operations,infrastructure,helpdesk,etc.)were more bullish than their security counterparts.This pattern held true when respondents were asked about their multi-cloud environment as well as pivotal points in t

26、he identity attack chain.Figure 6|To what extent do you agree or disagree with the following statements?Strongly agree Agree Disagree Strongly disagree Dont know My organization can discover an identity-based attack 35%54%8%1%1%My organization can stop attackers from gaining initial34%57%7%1%2%My or

27、ganization can stop attackers from escalating privileges/moving laterally in our IT environment 34%57%7%1%1%Were adapting and evolving to keep pace with the threat landscape We can secure identities across multi-cloud environments We can discover identity-based attacksWe can stop initial access We c

28、an stop lateral access Security titles IT titles 38%30%26%30%27%47%37%37%35%36%Figure 7|To what extent do you agree with the following statements?RESEARCH REPORT The State of Identity Security in the Age of AI 8Our take There are many potential reasons organizations may rely on human skills,static p

29、olices,and manual processes for identity security rather than intelligent automation.Some may be more comfortable with manual controls because they provide a clearer audit trail and may be perceived as more compliant with regulatory standards.Its easier to document policies and demonstrate evidence

30、when humans are making decisions based on fixed rules,compared with turning over the keys to an algorithm thats difficult to explain to others.Many organizations still rely on legacy systems and applications that lack the capability for AI functionality like dynamic access control.They may find it e

31、asier to put the responsibility on users rather than addressing systemic issues related to policy enforcement.Resistance to change can also be a factor,as teams are accustomed to traditional manual processes and may be hesitant to adopt new technologies or methodologies.Regardless of the reason,the

32、reliance on human effort is likely providing organizations with a false sense of confidence.Some may not fully understand the evolving nature of identity-based attacks and underestimate the capabilities of cyber criminals.Those who havent experienced significant incidents may wrongly assume that the

33、ir current manual security measures are sufficient.Some may believe their security posture is strong because they comply with industry regulations,though as weve seen,simply checking a compliance box doesnt necessarily equate to effective security.Moving forward,its important that organizations have

34、 visibility into their actual security posture and align on a shared sense of truth based on data rather than relying on“feelings”of confidence.Companies cant become complacent,especially as adversaries become more sophisticated and factors that impact identity risk change faster than ever.If compan

35、ies cant move beyond human-dependent processes,then theyre likely to pay the price,as youll see in the next key finding.Moving forward,its important that organizations have visibility into their actual security posture and align on a shared sense of truth based on data rather than relying on“feeling

36、s”of confidence.RESEARCH REPORT The State of Identity Security in the Age of AI 9Key Finding 293%of companies suffering an identity-based attack experience measurable loss.Four out of five organizations have suffered identity-related cybersecurity incidents in the past 12 months.This finding mirrors

37、 the result of the most recent survey from the Identity Defined Security Alliance,which reported almost 80%of enterprises have experienced an identity-related breach within the last two years.When an identity-related incident occurs,organizations suffer in numerous ways.Almost all victims(93%)said t

38、hey had some form of meaningful consequence,most commonly involving business disruption and inability to deliver services.Disruption of services/operational downtime Reputational damage We have not had an identity-related cyber incident in the past 12 months Loss of data Financial loss There were no

39、 consequences Legal and regulatory consequences 37%35%28%7%25%20%22%Figure 8|What were the consequences of any identity-related cyber incidents your organization experienced in the past 12 months,if any?RESEARCH REPORT The State of Identity Security in the Age of AI 10Our take When a business cant d

40、eliver necessary services and starts losing money,its clearly time for a change in security strategy.Its likely that the human-driven processes companies are using are responsible for inconsistencies and errors that can lead to identity-based attacks.Plus,by overemphasizing the role of humans in ide

41、ntity security,companies may be downplaying the greater risk of machine identities,which exist in larger numbers and are more likely to change without oversight.Identity risk is dynamic.This is the case for several reasons:The traditional definition of organizational“role”no longer holds true,as man

42、y organizations are matrixed,and many processes are Agile.Therefore,access needs for each user are constantly changing and permissions quickly become outdated.Technology stacks are always changing,especially in complex,multi-cloud environment when cloud resources are ephemeral and new identities are

43、 being provisioned and deprovisioned all the time.Supply chains and partner relationships frequently change as different parties need access to data across diverse infrastructure.The reality is that far too many identities have excessive privileges they dont require to do their job,in violation of l

44、east privilege best practices.Even if organizations can indeed discover and address identity-based attacks,the big question is whether this happens before or after damage has already been done.You cant protect cloud resources from identity-based attacks using the same strategies you would in an on-p

45、rem world.Its incredibly difficult to track the attack path of a single identity across such a distributed,dynamic,and inconsistent environment.The traditional security tools network firewalls,common corporate directory services,and static access controls arent effective in a cloud reality.The dynam

46、ic nature of cloud environments makes manual authorization and remediation of identity security issues impossible to scale.Part of the solution is to continue to build awareness of identity security risks and improve education among IT,security,and business users.More important,however,is to look be

47、yond human intervention and static controls.As youll learn in the next section,many organizations are starting to do just that.Even if organizations can indeed discover and address identity-based attacks,the big question is whether this happens before or after damage has already been done.RESEARCH R

48、EPORT The State of Identity Security in the Age of AI 11Key Finding 3The shift toward AI is underway,especially for monitoring,alerting,and assessing risk IT and security leaders see AI in a positive light.In terms of identity security,most respondents recognize that AI has both positive and negativ

49、e potential.That said,theyre more likely to view AI as a tool to be used for defense,rather than as a threat.But humans still want to be in the loop to take action.Companies arent fully turning over the identity security reins to AI at least not yet.Theyre more comfortable having AI surface informat

50、ion,prioritize results,and make a recommendation,with a person responsible for making the decision to act.Specifically,respondents are most likely to expect to use AI for monitoring,alerting,and assessing identity-security risk.They arent yet ready for AI to automatically apply,adjust,or revoke priv

51、ileges.Figure 9|Regarding identity security,which of the following do you consider Artificial Intelligence(AI)?RESEARCH REPORT The State of Identity Security in the Age of AI 12By monitoring and reporting on privileged behavior for all identities By revoking privileges when it detects risk By alerti

52、ng us to privilege misuse so we can investigate By assessing risk By authorizing privileged access based on context By streamlining auditing and compliance40%35%33%22%25%24%Figure 10|What are the main ways that you expect AI will help you defend against identity-based attacks?Select up to twoRESEARC

53、H REPORT The State of Identity Security in the Age of AI 13Our take The potential of AI as a cyber defender is immense and the cybersecurity industry is making progress toward realizing its benefits.There is a growing cultural shift towards embracing AI to surface information and save time,supported

54、 by human oversight to ensure accuracy and effectiveness.That said,its only a matter of time before AI is sophisticated enough for people to rely on it for actions as well.Because AI can quickly analyze large amounts of data from different sources,it can identify anomalies humans would never be able

55、 to detect and respond faster than manual methods.In addition,AI can automate repetitive tasks and avoid the common errors that humans are likely to make.To help companies that are currently reliant on human-driven processes make the shift to AI,identity security solutions must be explainable,reliab

56、le,and trustworthy.AIs data-hungry model depends on readily accessible,accurate information,so its essential that they have a comprehensive view of all identities operating in an enterprise environment,their effective access,and their behavior.In addition,rigorous data management practices must prot

57、ect privacy and meet compliance requirements.As we move forward,identity security programs should look to integrate AI for key use cases:Intelligent authorization Intelligent authorization makes it easy for humans to do the right thing by moving identity security into the background.An intelligent s

58、ystem can define and optimize authorization policies so theyre applied automatically.With this approach,users dont need to create or remember passwords,and IT operations teams dont need to configure permissions or keep track of policy drift that increases the attack surface.Intelligent session monit

59、oring Adding intelligence to session monitoring helps to uncover,prioritize,and address identity security risks.Intelligence tells you which reports to focus on so that your team doesnt waste time reviewing logs,watching recordings,or chasing false positives.It surfaces important data,such as overpr

60、ivileged identities and unexpected privileged behavior,and provides context so you can understand what those reports mean and revoke access if necessary.RESEARCH REPORT The State of Identity Security in the Age of AI 14Conclusion How Delinea can help The shift from static to dynamic access controls

61、and manual to automated identity governance cant come quickly enough.Identity security controls need to be hyper-flexible,which is beyond the capabilities of humans to manage.In the future,organizations will only be able to achieve scalable,risk-based identity security with intelligent,automated pol

62、icies.Its not enough to secure identities but also their interactions at every point in the identity attack chain,particularly in the cloud.By dynamically adjusting access privileges based on users activities or contextual factors,organizations can respond promptly to emerging security threats and a

63、nomalies.This approach reduces the risk of over-provisioning access rights and helps organizations make better use of their IT resources.Most importantly,this approach avoids the costly repercussions of identity-related attacks experienced by most organizations worldwide.Delineas identity security p

64、latform embeds AI and automation,so you can reduce manual errors,save time,and improve your security posture.Intelligent policies are applied based on context,so they can adapt dynamically to changing risk factors and help you balance productivity with security.Delinea accounts for the risk profile

65、of an identity at every access point,including initial login and privilege elevation.Risk factors may include profiles of similar identities,prior behavior,sensitivity of the data they need to access,location,etc.In addition,intelligent authorization can be dynamic,meaning permissions adjust automat

66、ically as risk factors change.Rather than fixed permissions based on Groups or roles,granular access for each identity can be provisioned and deprovisioned,Just-in-Time(JIT),as needed.Delinea surfaces anomalies that deviate from a baseline of expected identity behavior in your organization and aggre

67、gated,anonymized behavior across thousands of customers.Learn more about the Delinea Platform and how you can make the shift to intelligent,dynamic identity security.RESEARCH REPORT The State of Identity Security in the Age of AI 15Methodology The survey gathered responses from 1,800 people during M

68、arch 2023.It includes responses from the C-suite,departmental leadership,and management levels of organizations.Respondents came from 21 countries,across 17 industries,working at companies with 500 employees or more.All participants said they took part in identity security decision-making as the ult

69、imate decision-maker,part of a team,or as an influencer.Results arent weighted.Delinea is a pioneer in securing identities through centralized authorization,making organizations more secure by seamlessly governing their interactions across the modern enterprise.Delinea allows organizations to apply

70、context and intelligence throughout the identity lifecycle across cloud and traditional infrastructure,data,and SaaS applications to eliminate identity-related threats.With intelligent authorization,Delinea provides the only platform that enables you to discover all identities,assign appropriate acc

71、ess levels,detect irregularities,and immediately respond to identity threats in real-time.Delinea accelerates your teams adoption by deploying in weeks,not months,and makes them more productive by requiring 90%fewer resources to manage than the nearest competitor.With a guaranteed 99.99%uptime,the Delinea Platform is the most reliable identity security solution available.Learn more about Delinea on LinkedIn,X,and YouTube.Delinea GSR2024-WP-0624-EN