Business Daily Media

Men's Weekly

.

Why cybersecurity is a team sport

  • Written by Grady Summer, EVP of Product and Solutions at SailPoint

Basketball can teach us a lot about managing the cybersecurity of an enterprise: it takes teamwork. ESPN’s documentary The Last Dance covered basketball legend Michael Jordan’s last season with the Chicago Bulls. By this stage of his career, Jordan had secured six NBA championships and was well known for his formidable competitive streak. Jordan’s desire was to not only be the best player, but to also play with the best team. Jordan knew that the skill of his teammates was an essential factor for ensuring victory. He even flew to Vegas to force Dennis Rodman to practice. The Last Dance highlighted that it takes a team to be the greatest and that breaking bad habits, such as in the case of “practice skipping” Rodman holds the key to success.

For this reason, The Last Dance is a great allegory for enterprise cybersecurity: it takes the whole team to win. This is perhaps most evident as organisations seek to adopt zero trust principles. The zero trust concept is not new, but I hear more organisations discussing it than ever before—driven by a desire for greater security, more flexible access, and accelerated by the shift to remote work due to COVID-19. At its core, zero trust focuses on providing least-privilege access to only those users who need it. Put it this way: don't trust anyone and even when you do, only give them what they need right now. This security philosophy would make Jordan proud, but in that vein, zero trust would not work without another player: identity management.

Operating on a new playing field

There is no doubt that enterprises' digital transformation efforts have accelerated in the last year, which means different things for different organisations. It could mean the transition from on-prem to either hybrid or cloud-only environments; it could mean the shift towards employees using their own computers, tablets, and phones (BYOD – Bring Your Own Device).

This shift in work from anywhere drives the need for increased self-service and password management and new ways to maintain the security of a workforce beyond an enterprise's traditional network perimeter.

The team strategy must be a zero-trust strategy

In order to work, the zero trust method must be applied to all users and systems regardless of location—home or office, but where to begin? First, set a detailed plan for how you will implement zero trust over time. Budgets for this rarely exist, so outline a process in the context of broader organisational security. This will ensure stakeholders across your organisation understand the vision, intent, and timing to achieve this. Next, you need to know where all your applications and data reside now and where will they be in the future. Cybersecurity is like basketball; it's a team sport. You will need to tap different plays and strategies to maintain this high level of visibility of users and applications/data.

Here’s the play: leverage solutions that continuously monitor, recognise, and automate changes in security posture, job assignments, and access policies. Consider solutions that integrate out-of-the-box via standard protocols to ensure your solutions are built to work together and are future-proofed. Centrally managed authentication and authorization controls are essential to your zero trust implementation. These answer the most basic questions of “are you who you say you are?” and “are you allowed to access the resources you’ve requested?”

Home team advantages

I cannot stress this enough—what will keep enterprises moving forward is to see centrally, control, and manage change in their homecourt. This is not something that can be accomplished by basic access management and authentication, because they lack context. They know what is happening in real-time, but they don’t necessarily know the way things should be—who should have access to what. With identity management, you have the brains behind access at your fingertips, regulating how and if access should be granted or revoked and monitoring that access over time as a workers' role changes.

Identity management is about answering three main questions: who has access to what (current state), who should have access to what (desired state), and how is that access being used? For all users, all applications, and all data. This play is the strategic lynchpin for organisations because identity management controls the link between the entire user population and applications and data amid an enterprise’s digital transformation.

The way enterprises operate today may not be the same tomorrow. With this in mind, IT leaders must ensure they are continually evaluating security and compliance implications whilst balancing productivity and automation. This is why identity security is so critical. It is my fundamental belief that identity security and company wide best practices are the keys to winning on the cybersecurity court.


SailPoint | Identity Security for the Cloud Enterprise

Workplace DMs, Reinvented: Deputy Messaging, Purpose-Built For Shift-Based Teams

Deputy, the global people platform for shift-based businesses, has launched Deputy Messaging, a fully integrated, real-time communication tool designe...

Revolutionizing Fulfillment: How Virtual Warehousing is Changing the Game?

The e-commerce landscape is evolving more rapidly than ever, and the way businesses are managing their fulfillment is also revolutionizing. At the...

SME lender Dynamoney welcomes new CEO, Brett Thomas

Strengthens growth ambitions and signals expanded offering Dynamoney, a leading commercial finance provider for Australian SMEs,  has today appoint...

The cost of ignoring AI governance in business

Artificial intelligence (AI) is no longer the promise of a distant future: it's active, embedded, and already shaping decisions across industries. H...

Quickli launches new SMSF product as free beta for limited time only

The leading technology provider for Australian mortgage brokers, Quickli, has answered the prayers of brokers yet again with the launch of a stand...

Portable Monitors for Coding and Programming Students

Today, coding and programming require more focus and efficiency. But, the most essential thing it demands is ample screen space. Students can stru...

Sell by LayBy