Business Daily Media

The Times Real Estate

.

Why cybersecurity is a team sport

  • Written by Grady Summer, EVP of Product and Solutions at SailPoint

Basketball can teach us a lot about managing the cybersecurity of an enterprise: it takes teamwork. ESPN’s documentary The Last Dance covered basketball legend Michael Jordan’s last season with the Chicago Bulls. By this stage of his career, Jordan had secured six NBA championships and was well known for his formidable competitive streak. Jordan’s desire was to not only be the best player, but to also play with the best team. Jordan knew that the skill of his teammates was an essential factor for ensuring victory. He even flew to Vegas to force Dennis Rodman to practice. The Last Dance highlighted that it takes a team to be the greatest and that breaking bad habits, such as in the case of “practice skipping” Rodman holds the key to success.

For this reason, The Last Dance is a great allegory for enterprise cybersecurity: it takes the whole team to win. This is perhaps most evident as organisations seek to adopt zero trust principles. The zero trust concept is not new, but I hear more organisations discussing it than ever before—driven by a desire for greater security, more flexible access, and accelerated by the shift to remote work due to COVID-19. At its core, zero trust focuses on providing least-privilege access to only those users who need it. Put it this way: don't trust anyone and even when you do, only give them what they need right now. This security philosophy would make Jordan proud, but in that vein, zero trust would not work without another player: identity management.

Operating on a new playing field

There is no doubt that enterprises' digital transformation efforts have accelerated in the last year, which means different things for different organisations. It could mean the transition from on-prem to either hybrid or cloud-only environments; it could mean the shift towards employees using their own computers, tablets, and phones (BYOD – Bring Your Own Device).

This shift in work from anywhere drives the need for increased self-service and password management and new ways to maintain the security of a workforce beyond an enterprise's traditional network perimeter.

The team strategy must be a zero-trust strategy

In order to work, the zero trust method must be applied to all users and systems regardless of location—home or office, but where to begin? First, set a detailed plan for how you will implement zero trust over time. Budgets for this rarely exist, so outline a process in the context of broader organisational security. This will ensure stakeholders across your organisation understand the vision, intent, and timing to achieve this. Next, you need to know where all your applications and data reside now and where will they be in the future. Cybersecurity is like basketball; it's a team sport. You will need to tap different plays and strategies to maintain this high level of visibility of users and applications/data.

Here’s the play: leverage solutions that continuously monitor, recognise, and automate changes in security posture, job assignments, and access policies. Consider solutions that integrate out-of-the-box via standard protocols to ensure your solutions are built to work together and are future-proofed. Centrally managed authentication and authorization controls are essential to your zero trust implementation. These answer the most basic questions of “are you who you say you are?” and “are you allowed to access the resources you’ve requested?”

Home team advantages

I cannot stress this enough—what will keep enterprises moving forward is to see centrally, control, and manage change in their homecourt. This is not something that can be accomplished by basic access management and authentication, because they lack context. They know what is happening in real-time, but they don’t necessarily know the way things should be—who should have access to what. With identity management, you have the brains behind access at your fingertips, regulating how and if access should be granted or revoked and monitoring that access over time as a workers' role changes.

Identity management is about answering three main questions: who has access to what (current state), who should have access to what (desired state), and how is that access being used? For all users, all applications, and all data. This play is the strategic lynchpin for organisations because identity management controls the link between the entire user population and applications and data amid an enterprise’s digital transformation.

The way enterprises operate today may not be the same tomorrow. With this in mind, IT leaders must ensure they are continually evaluating security and compliance implications whilst balancing productivity and automation. This is why identity security is so critical. It is my fundamental belief that identity security and company wide best practices are the keys to winning on the cybersecurity court.


SailPoint | Identity Security for the Cloud Enterprise

Samsara Eco expands global leadership team

Industry heavyweights join Samsara Eco to accelerate its enzymatic recycling technology Chief Innovation Officer and Executive Product Director a...

National Print Awards Announce Ricoh Women in Industry Award

The National Print Awards (NPAs) are proud to introduce the Ricoh Women in Industry Award, a prestigious new accolade recognising and celebrating ...

Financial Forecasting: 3 Tips for SMEs

Financial forecasting means predicting your business’s future revenue, expenses, and cash flow so you can plan ahead. If you’ve ever wondered whether ...

NextOre Unveils World First MR Analyser for Underground Copper Trucks

NextOre, a global leader in  Magnetic Resonance (MR)-enabled bulk ore sorting technology, has now made its world first sensor system available for...

Incode joins Australia’s Age Assurance Technology Trial to protect children online

With a market-leading +99% accuracy rate, Incode will play a key role in safeguarding Aussie minors on social media Incode Technologies Inc., a...

Empowering small businesses: Localsearch rolls out affordable digital solutions

New suite of digital solutions designed to boost visibility, engagement, and customer acquisition In response to a rapidly evolving digital lan...

Sell by LayBy