The Future of Cybersecurity is Artificial: Intelligence Will Transform Enterprise Governance
Over the past several weeks, I’ve explained how to verify every user and then validate their devices as part of a Zero Trust approach to cybersecurity. Now, it’s time to tie everything together with the final ingredient of the Zero Trust formula: intelligently limiting user access.
What do we mean by “intelligently limiting access”? Well, not all people need the same access to the same systems and applications. Some people (like HR or Finance) handle sensitive, private data, others don’t. Some people travel a lot with their job, some almost never. You get the gist. When you intelligently limit access to an organization’s systems and applications, you’re making it easy for each person — whether employee, partner, customer, etc. — to access what they need, when they need it, wherever they are, and on the device of their choosing.
Rise of the Machines
Modern machine learning and user based analytics can transform how you intelligently limit access, ultimately helping strike a balance between security and productivity.
Information about the user, endpoint, application or server, policies, and all activities related to them can be collected and fed into a data pool that fuels machine learning. This system can then automatically recognize out-of-the-ordinary behaviors, such as a user trying to access resources from an unusual location, which immediately raises a red flag requiring additional authentication or blocked access.
By feeding every access attempt back into an analytics platform, you can apply modern machine learning to build individual profiles for every user. Picture this: a user logs into her laptop using Multi-factor Authentication (MFA), while working from the corporate network, on a registered device she always uses, accessing the same apps she always does, at the same time of day as always. Great! You can confidently provide her easy access through single sign-on to her app instead of prompting her for additional verification.
Machine learning can greatly reduce the complexity of analysis that needs to be performed by IT responsible for overseeing access controls. Instead of writing complicated rules, IT can decide how to respond to the risk level of an access attempt, saving a great deal of time and frustration.
Steps to Zero Trust
Now that we have the three pillars of a Zero Trust approach down, how do we go about piecemealing together a solution with products from various vendors all purporting to solve a piece of the puzzle? Next up, we explore the steps to executing a Zero Trust approach. See how Idaptive Secures Access Everywhere.
______
Read the Zero Trust series here:
Zero Trust Series – 1 What Is Zero Trust and Why Is it So Important?
Zero Trust Series – 2 Like the Night King, Perimeter Defense is Dead
Zero Trust Series – 3 Imposter Syndrome: Why You Can’t Separate the “Good Guys” from the “Bad Guys”
Zero Trust Series – 4 Passwords are Just one Piece of the Cybersecurity Puzzle
Zero Trust Series – 5 The Future of Cybersecurity is Artificial: Intelligence Will Transform Enterprise Governance
Zero Trust Series – 6 Protect, Detect, Deter, Respond is Not a Security Strategy.
Zero Trust Series – 7 Upping the Security Ante: How to Get Teams’ Buy-in for Zero Trust
Zero Trust Series – 8 Next-Gen Access and Zero Trust are the PB&J of Security
Zero Trust Series – 9 Passwords Need Fixing. Zero Trust is the Solution.
Zero Trust Series – 10 The One-Two Punch of Zero Trust. Verify Every User, Validate Every Device.
Zero Trust Series – 11 “Should I Stay or Should I Go?” Artificial Intelligence (And The Clash) has the Answer to Your Employee Access Dilemma.
Zero Trust Series – 12 Grow Up! Plotting Your Path Along the Zero Trust Maturity Model
Corey Williams
Corey Williams is the Vice President of Marketing & Strategy and lead evangelist for Idaptive, leading all marketing functions, as well as market development and strategy. Corey served as the Senior Director of Products and Marketing for more than a decade at Centrify where he was the visionary behind, and the first product manager of, the set of products that were ultimately spun out of Centrify to become Idaptive, including leading SaaS services for Single Sign-on (SSO), Adaptive Multi-factor Authentication (MFA), endpoint and mobile context, and User Behavior and Risk Analytics (UBA).
While at Centrify, Corey defined and brought to market seven net-new product offerings directly contributing to the growth of the existing customer base from less than 400 customers to over 5000 customers. He also led efforts with major industry analysts that directly resulted in Centrify being named as a leader in all of the major analyst reports including the Gartner Magic Quadrant and Critical Capabilities reports for Access Management, Worldwide; Forrester IDaaS Wave; KuppingerCole Cloud MFA Leadership Compass; and Network World Clear Choice Winner for Single Sign-on Solutions.
Corey is a frequent speaker and commentator on IT Security and IT Management. He has authored several publications, including “Zero Trust Security for Dummies”, a leading guide for enterprise managers.
Prior to Centrify, Corey led products and marketing for SpikeSource (acquired by Black Duck Software), Syndera (acquired by Tibco), and Journee Software (acquired by Initiate Systems). Earlier in his career, he managed pre- and post-sales consulting for Active Software (acquired by webMethods).
Corey holds degrees in Mathematics (BS) and Computer Science (BS) from New Mexico State University, as well as an MS in Engineering and an MBA from San Jose State University.
CHAMELEON-LIKE SUPERPOWER
If Corey could have any chameleon-like superpower, it would be the chameleon's tongue, which is ridiculously fast. Some of the world's smallest chameleons have the world's fastest tongues. In automotive terms, the tongue could go from 0 to 60 miles per hour in a hundredth of a second! “I would be able to complete webinars in 4.5 seconds instead of 45 minutes!”