1 of 13

Identity Security Posture Management (ISPM) In The Modern Enterprise

Miguel Furtado

2 of 13

Miguel Furtado

Sr. Manager, Identity Engineering

Blue Shield of California

3 of 13

We have an identity breach problem

SSO

MFA

ACTIVE DIRECTORY

IGA

PAM

USER ACCOUNTS

SERVICE ACCOUNTS

LOCAL ADMIN ACCOUNTS

SHADOW ADMIN ACCOUNTS

LEGACY APP ACCOUNTS

90%

ORGANIZATIONS HAVE EXPERIENCED AN IDENTITY-RELATED BREACH IN THE PAST YEAR

Identity Defined Security Alliance, 2024 Trends in Securing Digital Identities

4 of 13

Identity Sprawl is fueling the fire

84% of identity stakeholders reported that identity-related incidents directly impacted their business, including operational disruptions and reputational damage.

74% of organizations that fell victim to cyber-attacks cite over-privileged access as one of the main causes.

100% of business processes rely on identity data

90% of organizations experienced at least 1 identity-based incident last year.

5 of 13

IAM is not enough

IAM != continuous risk assessment

IAM focuses on provisioning, not posture

Stale Entitlements

Toxic Combinations

Inconsistencies

No real-time visibility

IAM is plumbing, ISPM is leak detection and flow control

6 of 13

What is ISPM?

  • ISPM is your identity radar
  • Continuous monitoring, scoring
  • Works with any type of identity
  • Modern IGA requires it

7 of 13

What risks are we mitigating?

  • Context-aware risk scoring: Over-privileged access
  • Unified identity data: Disparate repositories
  • Continuous monitoring: Periodic reviews
  • Real-time visibility: IAM blind spots
  • Clean, consistent data: IAM data hygiene

8 of 13

Unifying Identity Data for Visibility

DIRECTORY

IDENTITY GRAPH

TIME SERIES

Data Quality & Risk Scoring

Role Mining

AI-driven Remediation Plans

Governance & Access Review

SoD & Compliance Analysis

Human & Non-human Identities

SSO, IGA & PAM Systems

Entitlements & Permissions

Behavioral Logs

Accounts & Groups

IDENTITY DATA LAKE

9 of 13

Why is it foundational?

Identity Sprawl

As companies age and grow, identity data proliferates, resulting in blind spots as critical access and permissions data is spread throughout disparate sources and systems …

Identity Security

… which expands the identity data attack surface, driving growth of identity-related cyber risks and vulnerabilities …

Identity Hygiene

… which can only be addressed through improved identity hygiene (good account management, least privilege, visibility, etc.) …

Identity Security Posture Management

… resulting in increased demand for ISPM products that allow customers to continuously monitor, manage, and mitigate identity-related security vulnerabilities

10 of 13

Full Spectrum ISPM

Identity and Access Management (IAM)

Identity Governance and Administration (IGA)

Privileged Access Management (PAM)

Zero Trust Architecture (ZTA)

Microsegmentation

Least Privilege

Compliance

SecOps

11 of 13

Key Takeaways

  • Identity is your most attacked surface.
  • ISPM = visibility, control and speed
  • Complements the IAM and IGA stack
  • Enables ZTA, least privilege, and modern security posture
  • Full spectrum ISPM helps you stay ahead of threats

Continue the conversation at iDMig.org
