Identity and Access Management, and Information Security writ large, is one of the fastest moving fields in of study in the world. There’s a seemingly endless torrent new research, white papers, and analyst reports, and for InfoSec pros, that means a lot of reading. Of course, keeping up with the deluge of resources is no easy task, nor is figuring out which ones to read, and which to skip.
With that in mind, we’ve compiled this collection of the latest IAM white papers, analyst resources, and research reports we’re reading. These reports cover a wide range of topics, from vendor comparison to securing cloud environments to the latest statistics on cybercrime.
For even more resources, check out our IAM resource library, which features 28 top resources, and is constantly updated.
The 2017 Critical Capabilities for IGA looks at attributes that differentiate products/services in a class in terms of their quality and performance. Gartner recommends that users consider the set of critical capabilities as some of the most important criteria for acquisition decisions.
Gartner’s report includes scoring on the following Critical Capabilities: Identity Life Cycle, Entitlements Management, Access Requests, Workflow, Policy and Role Management, Access Certification, Fulfillment, Auditing, Reporting and Analytics, Ease of Deployment, and Scalability and Performance
From top executives to your bottom line, the consequences of a successful data breach pervade your entire enterprise. For this new report the Ponemon Institue set out to discover the business and financial impact of a data breach, and came through with some humbling results. According to the report, the average breach results in:
- a 5% drop in average stock price the day a breach is announced
- a 7% loss of customers
- 31% of consumers discontining the relationship
With this report, you’ll learn how improving your organization’s security posture can help shield your business and its reputation from devastating and long-term financial consequences of a breach.
The ThreatMetrix Cybercrime Report: Q1 2017 is based on actual cybercrime attacks from January – March 2017 that were detected by the ThreatMetrix Digital Identity Network during real-time analysis and interdiction of fraudulent online payments, logins and new account applications. Key trends discussed in the report include:
- The multifarious attack methods used in a 2017 cybercrime attack
- The evolution of attacks from single to multi-vector approaches
- Identity theft is a key issue for all industry sectors as they continue to see attacks involving stolen and synthetic credentials, harvested from omnipresent data breaches
- The proliferation of RATs in the financial services sector
- The sophistication of bot attacks
According to recent reports, 95% of IaaS security failures are the customer’s fault, and more than half of those are attributed to inadequate management of identities, access and privileges.
Leveraging built-in Infrastructure-as-a-Service (IaaS) security is a good start, but according to Amazon Web Services’ Shared Responsibility Model, it’s only a portion of the solution.
Read this white paper to learn six best practices for meeting your share of the security responsibility when moving to an AWS infrastructure. Ensure your security model is ready to meet the challenge of moving new workloads to the hybrid cloud without impacting your audits or increasing the risk of data breach.
It’s indisputable that today’s business and threat landscapes are different from those of years past. After all, the advent of cloud apps and “bring your own device” philosophies have changed how businesses operate; we now work in a perimeterless environment.
Just because you’ve found a solution that works for your enterprise for the time being, solving issues as they arise, does not mean your organization is safe in the long term.
In fact, this makeshift solution you’ve pieced together with legacy systems and point solutions actually multiplies the problems and vulnerabilities your organization may face.
Latest posts by Jeff Edwards (see all)
- Authorities Shut Down Popular Dark Web Criminal Markets - July 20, 2017
- Comparing IDaaS SSO Solutions With KuppingerCole’s Leadership Compass - July 19, 2017
- Access Governance and the Remote Employee - July 11, 2017