Business Daily Media

Men's Weekly

.

Why cybersecurity is a team sport

  • Written by Grady Summer, EVP of Product and Solutions at SailPoint

Basketball can teach us a lot about managing the cybersecurity of an enterprise: it takes teamwork. ESPN’s documentary The Last Dance covered basketball legend Michael Jordan’s last season with the Chicago Bulls. By this stage of his career, Jordan had secured six NBA championships and was well known for his formidable competitive streak. Jordan’s desire was to not only be the best player, but to also play with the best team. Jordan knew that the skill of his teammates was an essential factor for ensuring victory. He even flew to Vegas to force Dennis Rodman to practice. The Last Dance highlighted that it takes a team to be the greatest and that breaking bad habits, such as in the case of “practice skipping” Rodman holds the key to success.

For this reason, The Last Dance is a great allegory for enterprise cybersecurity: it takes the whole team to win. This is perhaps most evident as organisations seek to adopt zero trust principles. The zero trust concept is not new, but I hear more organisations discussing it than ever before—driven by a desire for greater security, more flexible access, and accelerated by the shift to remote work due to COVID-19. At its core, zero trust focuses on providing least-privilege access to only those users who need it. Put it this way: don't trust anyone and even when you do, only give them what they need right now. This security philosophy would make Jordan proud, but in that vein, zero trust would not work without another player: identity management.

Operating on a new playing field

There is no doubt that enterprises' digital transformation efforts have accelerated in the last year, which means different things for different organisations. It could mean the transition from on-prem to either hybrid or cloud-only environments; it could mean the shift towards employees using their own computers, tablets, and phones (BYOD – Bring Your Own Device).

This shift in work from anywhere drives the need for increased self-service and password management and new ways to maintain the security of a workforce beyond an enterprise's traditional network perimeter.

The team strategy must be a zero-trust strategy

In order to work, the zero trust method must be applied to all users and systems regardless of location—home or office, but where to begin? First, set a detailed plan for how you will implement zero trust over time. Budgets for this rarely exist, so outline a process in the context of broader organisational security. This will ensure stakeholders across your organisation understand the vision, intent, and timing to achieve this. Next, you need to know where all your applications and data reside now and where will they be in the future. Cybersecurity is like basketball; it's a team sport. You will need to tap different plays and strategies to maintain this high level of visibility of users and applications/data.

Here’s the play: leverage solutions that continuously monitor, recognise, and automate changes in security posture, job assignments, and access policies. Consider solutions that integrate out-of-the-box via standard protocols to ensure your solutions are built to work together and are future-proofed. Centrally managed authentication and authorization controls are essential to your zero trust implementation. These answer the most basic questions of “are you who you say you are?” and “are you allowed to access the resources you’ve requested?”

Home team advantages

I cannot stress this enough—what will keep enterprises moving forward is to see centrally, control, and manage change in their homecourt. This is not something that can be accomplished by basic access management and authentication, because they lack context. They know what is happening in real-time, but they don’t necessarily know the way things should be—who should have access to what. With identity management, you have the brains behind access at your fingertips, regulating how and if access should be granted or revoked and monitoring that access over time as a workers' role changes.

Identity management is about answering three main questions: who has access to what (current state), who should have access to what (desired state), and how is that access being used? For all users, all applications, and all data. This play is the strategic lynchpin for organisations because identity management controls the link between the entire user population and applications and data amid an enterprise’s digital transformation.

The way enterprises operate today may not be the same tomorrow. With this in mind, IT leaders must ensure they are continually evaluating security and compliance implications whilst balancing productivity and automation. This is why identity security is so critical. It is my fundamental belief that identity security and company wide best practices are the keys to winning on the cybersecurity court.


SailPoint | Identity Security for the Cloud Enterprise

Tacking the skills shortage — why L&D is failing and what to do about it

The Australian economy is in a tough spot right now, and a huge part of the problem is a massive skills shortage. Late last year, businesses were st...

How reducing revenue leakage could help your business stay in the black in FY2026

It’s time to stop legacy revenue management platforms and processes draining your profitability. Is boosting the bottom line an overarching goal ...

Technical Debt Stifling Path to AI Adoption for Global Enterprises

Outdated legacy technologies costing organisations the ability to innovate, money, time and potentially, even customers Technical debt and an ov...

Attract. Impress. Keep. The new small business growth playbook

Running a small business is a marathon that often feels like a sprint. You are chasing leads, juggling admin, building a brand and trying to carve...

Amazon to expand data centre infrastructure in Australia and strengthen AI

Amazon has announced plans to invest a new total of AU$20 billion from 2025 to 2029 to expand, operate, and maintain its data centre infrastructur...

How AI is Reshaping Banking in Australia

AI in the Banking and Financial Services Industry  From fraud detection and credit scoring to personalised financial advice, AI is transforming t...

Sell by LayBy