Today, most identity security strategies are heavily dependent on static, manual techniques that involve human effort and skill. However, as risk becomes more dynamic, traditional methods won’t be able to keep up. The complex nature of multi-cloud environments makes manual authorization and remediation of identity security issues impossible to scale.
Artificial Intelligence (AI holds promise for identity security)
AI-driven cyberattacks are using machine learning algorithms to identify security vulnerabilities, predict patterns, and exploit weaknesses at scale. Even malicious hackers with limited skill can leverage AI to conduct credential-based attacks, craft phishing emails, and enhance pretexting to create digital personas that masquerade as legitimate users.
But what about using AI for defense?
We wanted to know: How are companies embedding emerging capabilities such as AI in their identity security strategies? To find out, we surveyed 1,800 IT (Information Technology) and security decision-makers across 21 countries, representing companies with over 500 employees in a wide range of industries. The results of our global identity security survey can help you compare your current identity security posture to your peers and prioritize investments as you develop your roadmap for the future.
Why is there so much reliance on humans?
There are many potential reasons organizations may rely on human skills, static policies, and manual processes for identity security.
- Some may be more comfortable with manual controls because they provide a clearer audit trail and may be perceived as more compliant with regulatory standards. It’s easier to document policies and demonstrate evidence when humans are making decisions based on fixed rules, compared with turning over the keys to an algorithm that’s difficult to explain to others.
- Many organizations still rely on legacy systems and applications that lack the capability for AI functionality like dynamic access control.
- They may find it easier to put the responsibility on users rather than addressing systemic issues related to policy enforcement.
- Resistance to change can also be a factor, as teams are accustomed to traditional manual processes and may be hesitant to adopt modern technologies or methodologies.
- When humans are involved in manual processes, they have a better understanding of how they work. However, this typically results in slow security that does not keep pace with the growing threats.
Regardless of the reason, the reliance on human effort is likely providing organizations with a false sense of confidence. Some may not fully understand the evolving nature of identity-based attacks and underestimate cybercriminals' capabilities.
Those who haven’t experienced significant incidents may wrongly assume that their current manual security measures are sufficient. Focusing exclusively on human behavior may cause organizations to overlook the greater risk of machine identities that often operate without effective governance.
How can AI support identity security?
We found that there is a growing cultural shift towards embracing AI to surface information and save time, supported by human oversight to ensure accuracy and effectiveness. Most respondents expect to leverage AI in their identity security strategies in some fashion.
Because AI can quickly analyze large amounts of data from different sources, it can identify anomalies humans would never be able to detect and respond faster than manual methods. In addition, AI can automate repetitive tasks and avoid the common errors that humans are likely to make.
As we move forward, identity security programs should look to integrate AI for key use cases, such as:
- Intelligent authorization – Intelligent authorization makes it easy for humans to do the right thing by moving identity security into the background. An intelligent system can define and optimize authorization policies, so they’re applied automatically.
With this approach, users don’t need to create or remember passwords, and IT operations teams don’t need to configure permissions or keep track of policy drift that increases the attack surface. - Intelligent session monitoring – Adding intelligence to session monitoring helps to uncover, prioritize, and address identity security risks. Intelligence tells you which reports to focus on so that your team doesn’t waste time reviewing logs, watching recordings, or chasing false positives.
It surfaces important data, such as overprivileged identities and unexpected privileged behavior, and provides context so you can understand what those reports mean and revoke access if necessary.
It’s not enough to secure identities but also their interactions at every point in the identity attack chain, particularly in the cloud. By dynamically adjusting access privileges based on users' activities or contextual factors, you can respond promptly to emerging security threats and anomalies.
This approach reduces the risk of overprovisioning access rights and helps you make better use of IT resources. Most importantly, this approach avoids the costly repercussions of identity-related attacks experienced by most organizations worldwide.
AI is only as smart as the data it can access
The impetus toward automation in cybersecurity isn’t new. AI has simply accelerated it. The only thing that can slow it down is access to data. Data-hungry machine learning algorithms are only as intelligent as the information they can access.
For teams that are currently reliant on human effort and skill, the shift toward AI will require change management and trust. IT and security decision-makers will need to be comfortable with the accuracy, recency, and context of the data that AI uses to make recommendations before they hand over the reins for kinetic action. That said, it’s only a matter of time before dynamic, intelligent controls become table stakes for any identity security program.
For more detailed findings and analysis, download the complete results of Delinea’s 2024 global survey:
2024 State of Identity Security in the Age of AI.
