TÜV Rheinland is taking a new approach in helping medium and large enterprises protect their digital assets against today’s complex, multifactor cyberattacks. Because today’s cloud computing, mobile device access, and BYOD (bring your own device) culture is becoming the norm, it is no longer sufficient to simply guard network entry points with a one-size-fits-all IT security approach. To address this issue, OpenSky, a fully-owned subsidiary of TÜV Rheinland, has published the first in a series of white papers on its latest consulting offering: Threat-Centric Identity Access Management (IAM).
Conventional security architecture takes advantage of ingress and egress points on a fairly well-defined set of enterprise perimeters. Today’s cloud computing patterns have disrupted those perimeters and in some cases (such as mobile devices accessing SaaS) totally bypassed them. Because identity and authentication remain the building blocks of cybersecurity, they are also the top vulnerabilities exploited in a high percentage of attacks. TÜV Rheinland experts point out traditional security methods do not go far enough in today’s evolving network environment. The principle of Threat-Centric IAM addresses this need for improved IAM maturity levels with a distinct focus on the means, motive and opportunity behind a threat model, aligned with security intelligence.
Threat Centric IAM can be defined by the following elements:
- Next generation SIEM (Security Information and Event Management) tools have built-in big data technologies that are threat intelligence- and risk/behaviour-aware, making them threat intelligent systems
- Threat analytics with big data technologies can feed this STIX (Structured Threat Information Expression) interfaces intelligence to all security controls. This intelligence is then integrated into the IAM stack for “design time,” “provision time,” “run time,” and “access time” IAM control responses. STIX will be further integrated with network controls, application controls and data controls.
- Intelligence-driven architecture involving real-time responses based on actionable intelligence. The response can be fine-grained in terms of a recommended set of actions.
“As an enterprise adopts progressively more mature models of threat-centric IAM, their security can tackle challenges like cloud computing, mobile access points, and, at the highest levels, securing Internet of Things devices and SCADA systems against threats. We set forth this robust set of principles to address not only today’s security threats, but to position our clients to anticipate and be prepared for tomorrow’s more complex threats as well,” said Rakesh Radhakrishnan, OpenSky’s National Practice Lead for IAM, and co-author of the white paper.
Please click here to download the Threat-Centric Identity and Access Management white paper.
If you would like to find out more, please leave us with your contact information and one of our experts will be speaking to you shortly.