What Identity Analytics really is and why you need it


IT security’s advent: the “identity” concept as key factor

Digital transformation has changed and is changing more and more business processes, job positions as well as many companies’ core activities. In consequence, it has implied a change in the way we mitigate risks.

Risk mitigation existed long before digital transformation, but it relied mainly on manual processes, on risk management spread across departments (and thus on silos), and on analyses of samples. This approach is no longer viable given today’s digital transformation, which often moves too fast for companies to adapt properly to new risks, especially IT risks. Most often they have no visibility into what is key: their users’ access rights to their information system, user behaviors, and existing security breaches.

The financial costs of IT security risks, whether data theft or internal fraud, are continuously rising. According to a 2016 Ponemon Institute study, data leakage costs rose 30% between 2013 and 2016 in the 12 countries of this survey. Companies are paying a high price for the rise of cyber risks, but what about their investments to prevent these threats and mitigate these risks?

Organizations need to ensure efficient and continuous risk mitigation and detection. They need to know the risks threatening them, including the risk of human error, which is constantly underestimated even though it was the source of 1 out of 4 data breaches in 2016 (2016 Ponemon study).

Companies are becoming more conscious of cyber risks and the need to reduce them through the IT vector, but many doubt their capacity to really identify who accessed their sensitive data and applications. Indeed, this is where the main stakes lie: knowing who has access to what and who accessed what in your information system. This is about cyber resilience: ensuring cyber security along with productivity and innovation for companies.

Becoming cyber resilient means focusing on identities, that is, individuals. It is through individuals both that secured digital transformation projects can unfold and that cyber attacks happen. Risk analysis, detection and mitigation need to be built around this identity concept, and that is what Identity Analytics is all about.


The rise of Identity Analytics

Digital opportunities should not make you forget that significant risks are generally attached to them. Let’s take the classic iceberg metaphor. The part above water represents the digital and cyber risks that are known and visible today: ransomware, viruses, etc. But these risks aren’t the most important or threatening. The risks underwater, invisible to most of us, are the most threatening and frequent ones for organizations. You need to target these first and foremost.

With Identity Analytics you are able to answer the question “what resources can these users access, how and how are they using these access rights?” and this is what matters to ensure a secured business environment. It is about conducting in-depth analytics within a contextualized environment, with HR and technical data reconciled. Audit and internal control tasks as well as proper analyses, access reviews and clear reporting processes are at last possible in one unique platform centered on the identity concept.


Regarding digital transformation and cyber security, the notion of identity crystallizes opportunities, threats and solutions all in one. It is the key concept companies need to understand fully and implement.

With Identity Analytics, companies can more easily mobilize their resources and think in a transversal way, beyond silos, to achieve both business development and efficient risk management. All actors, internal actors and third parties alike, need to engage in this process. This collaboration and communication between actors is all the more important as cyber incidents are hard to detect: on average it takes companies several months, almost a year, to detect a breach or suspicious activities. Organizations need to pay attention to unusual user behaviors, for example, but most of them do not have the maturity and the resources to do so.

Identity Analytics has developed over the last 10 years and is continuing its rise as companies worldwide realize that traditional cyber security methods and tools are no longer adapted and can even become harmful by exposing them to risks they cannot detect and prevent.

Identity Analytics is still misunderstood, or rather unknown, but this is changing. Meanwhile, significant cyber security actors have tried to hijack the term Identity Analytics and use it with other meanings, for specific cyber security features such as SIEM. Identity Analytics isn’t about real-time detection but about enabling you to better analyze risks, prevent threats and ensure compliance by focusing on your key asset and threat: identities.


Brainwave GRC’s Identity Analytics solution includes advanced in-depth analytics, machine learning and workflows to reduce access-related risks and ensure continuous compliance for all organizations.




Brainwave GRC, a software vendor specialized in Identity Analytics, launches “AD Booster Cloud edition”, a SaaS version of its Brainwave Identity GRC software, in order to help companies easily control their Active Directory’s content.

Because many companies still use Active Directory, it remains a central repository for many information systems and a door to a wide range of an organization’s data and applications. Whether companies face modernization challenges, opening to cloud services or organizational changes, Active Directory remains a key factor for any digital transformation project. Data is now stored both in the cloud and on premises, and your Active Directory is often the main entrance door.

Active Directory is often a favorite target of malicious individuals. An issue in Active Directory management creates significant security weaknesses that can lead to data leaks from an internal source. These security risks also offer an ideal entry point for hackers, especially if they target privileged accounts.

Active Directory’s access rights model is complex and evolves on a daily basis, following the company’s use of it. In consequence, it is often very hard and complicated to continuously ensure a sufficient security level without a proper tool.

Brainwave GRC launches its cloud solution for Active Directory to provide an out-of-the-box solution for Active Directory audit and security. With this SaaS solution you can view, contextualize and analyze security risks and data quality issues across all your Active Directory domains, as well as edit dashboards and reports.

With this solution any company can continuously monitor its AD referentials’ evolution and identify any anomaly, in a preventive and reactive way. The solution provides 360° visibility over AD:

  • Accounts and groups inventory
  • Bringing together accounts and their owners by reconciling AD data with HR information regarding individuals and organizations
  • Privileged accounts identification and documentation
  • Security groups analysis
  • Highlighting security issues related to accounts (excessive access rights, dormant or residual accounts, never-changing passwords, etc.) and groups (almost public groups, cyclic groups, …)
  • Illustrating changes having happened between two dates
  • Password policy analysis
  • Identifying accounts with local admin access rights
  • Analyzing authorized privileges within Active Directory through ACLs (who can reset passwords, who can modify group members, etc.)


Brainwave GRC cloud solution for Active Directory is accessible through subscription, immediately operational and requires no connector for the solution to connect to your IT system.

With digital transformation, it has become necessary to closely monitor Active Directory. Any configuration mistake can lead to heavy security consequences. For example, an account remaining active by mistake can still give access to cloud applications linked to an AD referential.

CISOs have already understood this risk and operate security controls over this referential, but these controls are often hard and laborious to operate. In consequence, analyses are often limited and remain superficial for lack of means or time.

With AD Booster Cloud edition, our goal is to help CISOs improve their operational efficiency. The solution enables them to focus on monitoring and analyzing results rather than fighting with data extracts. The pricing model, a subscription mode, and the SaaS approach provide an immediate return on investment and are adapted to any company size”.

explains Sébastien Faivre, Brainwave GRC Director.

Controls automation: auditors and internal control’s key to success?


Why and how should a company automate controls?

The reasons to automate controls processes will logically depend on the company’s context and security challenges. Fighting against fraud is one of the main reasons for organizations to implement controls automation today. But it isn’t the only one. Here are a few of them:

  • Focusing on fraud risks

The goal here is to reduce fraud risks, often over large data volumes. The stakes are to gain full visibility over fraud risks and over the implementation of the segregation of duties policy, but also to ensure that controls are properly operated and cover all the critical applications and business processes for which fraud risks are very high.

  • Targeting sensitive business processes

For some companies, the prime focus needs to be set on preventing risks at a business process level for their most sensitive ones, such as the Purchase-to-Pay business process. Security risks, such as fraud risks, are often significant at the business process level – within and between applications and systems – but companies often focus only on risks linked to IT infrastructures and fraud risks within applications only.

  • Improving data analysis

The goal here is to implement proper data governance efficiently and broadly through automated controls. Controls over applications are a priority in this context and need to comply with security requirements such as proper privileged accounts management and efficient access rights governance.

What are the benefits?

Controls automation can provide many benefits. Here are the main ones:

  • Optimizing controls processes, strongly needed by companies as they face rising regulatory requirements and pressure from control and compliance authorities.
  • Reducing security risks within applications and at a business process level
  • Reinforcing internal audit and control’s position within the company

Automating controls enables internal audit and control teams to save significant time, money and energy by no longer using Excel spreadsheets with over fifty tabs to operate their controls manually. With controls automation, they can focus on the most critical security and compliance stakes and risks that truly need their time and attention.


Are there limits to controls automation and how can you move past them?

Automating controls at the scale of an application, a system or a whole business process requires paying special attention to a number of topics, so that a company can prevent limitations and evaluate whether it is ready to automate all or part of its controls processes.

Here are a few of the topics you should pay attention to:

  • Your applications’ maturity

Automating controls properly depends on your applications having the same “maturity” level.

  • Risks moving upstream or downstream

By automating controls, there is a risk that security issues be displaced. An example of risks moving “downstream” is an inefficient analysis and correction of discrepancies.

  • Automated controls staying relevant and answering internal audit’s needs over time
  • Segregation of duties

One of the keys to controls automation is implementing a proper segregation of duties at a business process level, within and between applications and processes in the IT systems.



Cyber risks and Brainwave GRC benefits for Imran Ahmad, National leader cyber security at Miller Thomson


Brainwave GRC video interview of Imran AHMAD – Miller Thomson partner




Businesses are struggling to identify what they should be looking at or not. We are seeing an increase in terms of cyberthreats and cyberattacks and it’s not a question of “if it will happen”, it will happen to you.

At that point: Are you ready to respond in an effective way and what can you do to mitigate the risks?

To monitor the risks in real time and to identify a conduct or a behavior which is outside of the norm is like finding a needle in a haystack…


Imran Ahmad is a Business Law Partner in the Miller Thomson Toronto office and specializes in the areas of cybersecurity, competition and foreign investment law.

As part of his cybersecurity, privacy and data breach practice, Imran works closely with clients to develop and implement practical and informed strategies related to cyber threats and data breaches. He focuses on legal risk assessments, compliance, due diligence and risk allocation advice, security and data breach incident preparedness and response.  He also provides representation in the event of an investigation, enforcement action, or litigation.

Brainwave GRC’s added-value according to Deloitte


Brainwave Identity GRC’s benefits for Deloitte and clients

Interview of a Senior Manager Risk Advisory at Deloitte France – Alexandra Jasinsky


3 benefits Deloitte France sees in using Brainwave GRC:
– Cross-application and cross-system analysis for the entire enterprise, including any in-market or legacy ERP and custom in-house application
– Easily configured dashboards and KPIs with most important metrics
– Deep behavior analysis to understand financial impact of transactions and conflicts