Identity and Access Management, and Information Security writ large, is one of the fastest moving fields in of study in the world. There’s a seemingly endless torrent new research, white papers, and analyst reports, and for InfoSec pros, that means a lot of reading. Of course, keeping up with the deluge of resources is no easy task, nor is figuring out which ones to read, and which to skip.
With that in mind, we’ve compiled this collection of the latest IAM white papers, analyst resources, and research reports we’re reading. These reports cover a wide range of topics, from vendor comparison to securing cloud environments to the latest statistics on cyber crime.
For even more resources, check out our IAM resource library, which features 28 top resources, and is regularly updated.
The ThreatMetrix Cybercrime Report: Q1 2017 is based on actual cybercrime attacks from January – March 2017 that were detected by the ThreatMetrix Digital Identity Network during real-time analysis and interdiction of fraudulent online payments, logins and new account applications. Key trends discussed in the report include:
- The multifarious attack methods used in a 2017 cybercrime attack
- The evolution of attacks from single to multi-vector approaches
- Identity theft is a key issue for all industry sectors as they continue to see attacks involving stolen and synthetic credentials, harvested from omnipresent data breaches
- The proliferation of RATs in the financial services sector
- The sophistication of bot attacks
The 2017 Critical Capabilities for IGA looks at attributes that differentiate products/services in a class in terms of their quality and performance. Gartner recommends that users consider the set of critical capabilities as some of the most important criteria for acquisition decisions.
Gartner’s report includes scoring on the following Critical Capabilities: Identity Life Cycle, Entitlements Management, Access Requests, Workflow, Policy and Role Management, Access Certification, Fulfillment, Auditing, Reporting and Analytics, Ease of Deployment, and Scalability and Performance
This is the first iteration of the AM MQ report, which is replacing Gartner’s Magic Quadrant for Identity and Access Management as a Service (IDaaS). Gartner will no longer be covering IDaaS with a magic quadrant.
In the 2017 MQ for AM, Gartner evaluates the strengths and weaknesses of 15 vendors that it considers most significant in the AM market and provides readers with a graph (the Magic Quadrant) plotting the vendors based on their ability to execute and their completeness of vision.
The 15 vendors featured in the report are, in alphabetical order, Atos (Evidian), CA Technologies, Centrify, Covisint, ForgeRock, IBM, i-Sprint Innovations, Micro Focus, Microsoft, Okta, OneLogin, Optimal IdM, Oracle, Ping Identity, and SecureAuth.Download
From top executives to your bottom line, the consequences of a successful data breach pervade your entire enterprise. For this new report the Ponemon Institue set out to discover the business and financial impact of a data breach, and came through with some humbling results. According to the report, the average breach results in:
- a 5% drop in average stock price the day a breach is announced
- a 7% loss of customers
- 31% of consumers discontining the relationship
With this report, you’ll learn how improving your organization’s security posture can help shield your business and its reputation from devastating and long-term financial consequences of a breach.
According to recent reports, 95% of IaaS security failures are the customer’s fault, and more than half of those are attributed to inadequate management of identities, access and privileges.
Leveraging built-in Infrastructure-as-a-Service (IaaS) security is a good start, but according to Amazon Web Services’ Shared Responsibility Model, it’s only a portion of the solution.
Read this white paper to learn six best practices for meeting your share of the security responsibility when moving to an AWS infrastructure. Ensure your security model is ready to meet the challenge of moving new workloads to the hybrid cloud without impacting your audits or increasing the risk of data breach.
It’s indisputable that today’s business and threat landscapes are different from those of years past. After all, the advent of cloud apps and “bring your own device” philosophies have changed how businesses operate; we now work in a perimeterless environment.
Just because you’ve found a solution that works for your enterprise for the time being, solving issues as they arise, does not mean your organization is safe in the long term.
In fact, this makeshift solution you’ve pieced together with legacy systems and point solutions actually multiplies the problems and vulnerabilities your organization may face.
Okay, time for a little shameless self-promotion. Aimed at simplifying the time-consuming vendor selection and evaluation process, this resource breaks down how to choose the right PAM solution for your needs, and offers an at-a-glance reference guide for the top 10 PAM players, the solutions they provide, and what makes those solutions unique.
Vendors covered in the 2017 Privileged Access Management Buyer’s Guide include Balabit, BeyondTrust, CA Technologies, Centrify, Core Security, CyberArk, Lieberman Software, ManageEngine, One Identity, and Thycotic.
If you’re in the beginning process of buying your first PAM solution, or if you’re looking for something a little different than what you already have, we hope this is the perfect resource to get you started on the decision-making process.Download
Latest posts by Jeff Edwards (see all)
- The Identity and Access Management Blogs We’re Reading - November 16, 2017
- Survey Reveals Widespread Mismanagement of Privileged Accounts and Access - November 8, 2017
- Access Governance and the Remote Employee - November 7, 2017