Thiago N . Felippe , CEO of Aiqon

Thiago N . Felippe , CEO of Aiqon , tells us how Identity Threat Detection and Response ( ITDR ) can help limit the threats posed by identity theft .

In a hyper-distributed world , it is the user ’ s identity that determines the reach and depth of access the employee will have to the company ’ s critical applications and data . The new perimeter needs protection against cyberattacks . Attackers aim to steal the user ’ s identity in order to carry out increasingly profitable crimes in possession of access rights . This is done through leaked credentials , overprivileged users and gaps in visibility over the cloud .

It ’ s arguable that the compromise and misuse of identities is central to almost every cyberattack . A 2022 Gartner study indicates that stolen credentials are behind 61 % of all data breaches that occur in the US .

There are reasons for this : according to the 2023 Identity Breach Report , attackers target personal information tied to the user ’ s identity . In 2022 , 72 % of leaks in the US contained date of birth and Social Security ( SSN ) numbers , a 20 % increase from 2021 .

This data , along with other leaked credentials , is used by malicious bots to try to gain access to critical data – a treasure trove that generates wealth for attackers . The report on identity breaches demonstrates that unauthorized access remains the top attack vector , accounting for 49 % of all data breaches .

Interdependence between identity theft and data leaks

It is an evil that is increasingly present in the digital journeys of organizations . A 2022 survey sponsored by the Identity Defined Security Alliance ( IDSA ) found that 79 % of respondents had experienced an identityrelated breach in the past two years , and that 99 % of respondents believed that identity-related breaches could have been prevented if the company had a different security posture around that asset .

This is where a new concept created by Gartner comes in : Identity Threat Detection and Response ( ITDR ) describes the security discipline that protects the identity infrastructure . It ’ s an approach that encompasses threat intelligence , best

practices , a knowledge base , tools and processes to secure identity systems .

ITDR works by implementing detection mechanisms , investigating posture changes and suspicious activity , and responding

to attacks to restore the integrity of the identity infrastructure . This discipline can be implemented with the help of ITDR solutions that perform these actions in an automated way , in a distributed environment , in the cloud .

Microsoft Active Directory and Azure AD are identity stores

This concept was introduced two years ago and is now being widely used to describe a discipline and solutions that protect identity systems such as Microsoft ’ s Active Directory ( AD ) and Azure AD .

These directories receive records of the identity of each user , releasing and blocking access according to the position of the person and the work that has to be performed by this professional . A cybercriminal who gains access to AD or Azure AD – among other identity stores – can use legitimate data to perform illegitimate actions .

24 www . intelligenttechchannels . com / latam