Recent research reveals that 79% of organizations have experienced an identity-related security breach in the last two years, and 99% believe their identity-related breaches were preventable. According to the 2020 Verizon Data Breach Investigations Report, as many as 81% of hacking-related breaches leverage weak, stolen, or otherwise compromised passwords. The National Cybersecurity Alliance and the Identity Defined Security Alliance have newly designated the second Tuesday in April each year as Identity Management Day. This year's inaugural event will be on April 13th.
What is Identity Management Day?
Identity Management Day aims to educate business leaders and IT decision makers on the importance of identity management and key components including governance, identity-centric security best practices, processes, and technology, with a special focus on the dangers of not properly securing identities and access credentials.
In addition, the National Cyber Security Alliance (NCSA) will provide guidance for consumers, to ensure that their online identities are protected through security awareness, best practices and readily-available technologies.
The What's & Why's Behind Identity Management for Organizations and Individuals
For organizations, Identity Management “is the discipline that enables the right individuals to access the right resources at the right times for the right reasons,” according to Gartner. Weak or improper identity management increases risk. The vast majority of data breaches making headlines are the result of poor identity management. These breaches often leverage weak identity management, such as weak or previously compromised passwords, not leveraging multi-factor authentication and single sign-on or leaving standing privileges open.
For consumers, identity management is the discipline of protecting our personal digital identities as we communicate, shop, and transact our daily lives online. For individuals, poor password hygiene and careless online behavior can lead to compromised accounts or identity theft. These incidents occur when we use weak passwords, fail to enable two-factor authentication, or carelessly click on malicious links.
How to Reduce Risk for both Organizations & Individuals
To reduce these risks requires four things:
- Understanding that identity management and security is a challenge that many people and organizations are failing at and that cyber-attackers exploit this fact.
- Awareness that we must do a better job managing and securing identities and the access granted with them.
- Utilizing technology solutions available to strengthen identity and access management.
- Follow the advice provided for individuals and organizations.