In our previous blog post about Elimity’s role in Cyber Security, we already mentioned how artificial intelligence (AI) is becoming increasingly important in cybersecurity and identity and access management. A few weeks ago, our CEO, Willem De Groef, attended the Kuppinger Cole Cyber Security Leadership Summit 2018 in Berlin. There he spoke about what AI could bring to the table for identity and access management. Did you miss it? Don’t worry, we wrote the most important insights into a blog post for you.
The importance of a mature IAM approach
Today’s business environment is global and highly interconnected, which increases an organization’s probability of cyber threats. Deciding who should have access to what information is difficult for many businesses and this leaves their systems vulnerable. The importance of a clever and mature Identity & Access Management (IAM) strategy shouldn’t be underestimated. According to a Forrester research report, 83% of organizations do not have a mature approach to IAM, resulting in two times more breaches and $5 million more in costs, on average. Smarter IAM approaches showed a direct correlation to reduced security risk, improved productivity, increased privileged activity management and greatly reduced financial loss over their less mature counterparts.
One issue with IAM is that users are usually given access privileges based on their role in an organization, but employees rarely fit into single roles. They may need special one-time access or each person fulfilling the same role might need slightly different types of access. This results in very complicated situations often requiring collaboration between many departments. Proper management thus involves many employees across all layers of the organization. This could lead to a situation where people might suffer from a so-called “security fatigue”, because of a high amount of technical data, a difficult decision-making process and a lack of relevance with their day-to-day job. Disastrous consequences for businesses as a result of a poorly managed IAM infrastructure lure around the corner.
How can AI improve this situation?
Although this situation is quite common in many enterprises, it doesn’t have to be so. AI and machine learning (ML) technologies could be a major help for effective IAM and lot of frustration can be overcome. These technologies can help enterprises mature from overly technical access management to access management that is understandable on all levels within a business.
Analytics combined with artificial intelligence can provide focus and contextual insights so that both technical and non-technical employees can work more time efficient. Modern technologies provide ways to learn new insights and automate processes, which will drastically speed up the existing IAM compliance controls. They can detect anomalies and potential threats, without the need for a large team of security experts. This gives employees, both technical and non-technical, the information needed to make correct decisions. Especially in the area of anti-money laundering and fraud detection, but also in the area of combating insider threats, such progress is crucial. It paves the way to move from reactive access management to preventative or even corrective access management. This results in enterprises being continuously in control, continuously secure and continuously compliant.
Although artificial intelligence and machine learning can provide many benefits, people often mistakenly assume that this technology can just take over all the work and automate the whole process of IAM. As of today, this is definitely not yet the case. In general, for any type of work, a lot of misconceptions exist about how advanced artificial intelligence is right now. These modern technologies prove to be most useful when they are implemented to do one task instead of many. So while full automation is not yet possible, AI and machine learning can definitely help and improve identity and access management.
Elimity's approach to AI in IAM
Elimity uses machine learning to help with insights about the current identity and access state of your business. Machine learning algorithms are strong in detecting anomalies and assisting with setting a so-called baseline model. This model is translated into rules within Elimity. Next, these rules can be verified by the appropriate people in the context of specific audits or reporting efforts. If needed, the rules can be updated to better align with the real situation within the organization and to take the business context into account. All these rules and the anomalies that are discovered within the current state will be used in the evaluation of all future reporting. We don’t believe in a big bang approach of AI. A lot of business context and knowledge is not covered in the tooling and configuration and is thus impossible to be automatically discovered. We are a strong believer of the additive role of AI: we apply machine learning as a virtual assistant next to an expert, to help to dig through the data and to discover what is baseline and flag anything unusual for human review. This virtual assistant will help to automate the IAM controls to be more continuous in control.
How do you think AI will impact identity and access management in the future? Don’t hesitate to tell us in the comments below!