IBM Security adds AI features to its Cloud Identity solution
IBM Security announced it is extending its artificial intelligence (AI) technology originally developed to protect users in the financial services industry, to clients in all industries via the company’s identity-as-a-service (IDaaS) offering.
IBM Cloud Identity now features AI-based adaptive access capabilities that help continually assess employee or consumer user risk levels when accessing applications and services.
The solution escalates suspicious user interactions for further authentication, while those identified as lower risk are “fast-tracked” so they can access applications and services they need.
With data breaches on the rise, traditional means of securing access, like passwords, are often not enough to prevent unauthorized access. The rise of credential-stuffing attacks, where a malicious actor obtains a list of credentials and tests them at various other sites using a bot, demonstrates that many password combinations have been leaked.
According to a 2019 report, compromised and weak credentials are cited as the cause for more than 80% of data breaches. Meanwhile, 2017 research found that large companies are managing hundreds of applications – up to 788 custom applications on average for companies with more than 50,000 employees.
Considering the number of programs and passwords that employees are managing between their professional and personal lives, it is increasingly important that new security measures do not hinder user experience.
“Companies are constantly trying to optimize both security and user experience, but the trick is ensuring security is not disrupting the everyday user journey,” said Jason Keenaghan, Director, IBM Security.
“IBM Cloud Identity with adaptive access is using AI to give organizations a holistic view of context for user access, based on indicators like malware and risk indicators, device insights, and user behaviour, to help them focus security on high-risk logins and give the majority of users seamless access to their accounts and applications.”
Adaptive access: Smart context
Many organizations continue to rely on older username and password methods to provide employee and consumer users access to services. Due to the patchwork of applications and solutions organizations are working with, they may not be able to deploy more modern security layers.
This can create a blind spot that prevents security teams from easily implementing rules that flag suspicious indicators like malicious logins, unknown locations, unrecognized devices, and whether a user is on a company’s network VPN.
IBM Cloud Identity is an identity-as-a-service solution that helps organizations connect every user to every application using adaptive access. Through the use of AI, the service helps simplify access management and security for users by assigning user risk levels based on a defined set of factors.
With these risk levels, administrators can create rules that level up or level down authentication – implementing strong authentication but only when needed. The service leverages the following features to determine risk and enable adaptive access decisions:
- Artificial intelligence – a user behaviour score is assigned based on the level of trust or risk assessed for each user. A number of factors are assessed including web intelligence, location data, malware and risk indicators, and device insights. For example, using AI, the system can detect irregular mouse movements or flag a user trying to login from a browser infected with keylogging malware. IBM Cloud Identity with adaptive access leverages IBM Trusteer AI technology to assess users based on a fraud evidence database, fraudulent pattern analysis, and cross-organizational patterning.
- Smart access and seamless login: Since AI capabilities are able to assign risk levels, only users considered to pose a higher threat are prompted to go through multi-factor authentication or denied access. By only prompting specific users to further verify their identification, rather than all users, organizations may be able to reduce operational expenses related to items such as two-factor authentication and help desk password resets for both current and new users. This can potentially lead to cost cuts considering organizations spanning different sectors have allocated more than $1 million per year to password-related support alone.
- Low-code deployment: Adaptive access policies can be created and applied to applications and APIs with little to no development effort and without application changes.
“According to our primary research results, the establishment of low-friction end-user experiences has the potential to help boost security effectiveness while reducing management efforts and related costs,” said Steve Brasen, Research Director, Enterprise Management Associates.
“By injecting intelligence into access processes, IBM is helping its customers implement the appropriate level of authentication enforcement for users while minimizing impacts to their productivity.”
- Senior Cyber Security Analyst / Engineer. Exclusive role
- United Kingdom
Senior Cyber Security Analyst / Engineer. Exclusive role Hybrid role- Travel to London once a month. ROLE Day to day operations, management and scalability of existing cyber security systems. Advanced triaging and troubleshooting security alerts. Improve tooling, reducing false positives. Improve processes and documentation Reviewing, approving, escalating security change management requests. Implementing new cyber security systems. Managing of and maturing security tooling such as; SIEM Vulnerability management Firewalls Patch management CASB Ideal technical experience Vulnerability Management: Qualys Forcepoint: CASB, DLP, web security, email security Microsoft Defender for Endpoint SIEM (Splunk) Firewalls: Cisco, Palo Alto, Juniper, Sonicwall IDS: Alert Logic Microsoft Cloud App Security Microsoft Azure ManageEngine ADAudit Plus Darktrace, Cloudflare, Cisco Umbrella, Imperva WAF Appreciation of ISO27001, GDPR, PCI, etc
- Security Operations Senior Technical Analyst, Financial Services. Exclusive to DCL Search
- 75000 + benefits
Exclusive Security Operations - Senior Technical Analyst (x2) needed within a forward thinking financial services business head quartered in London. DCL Search have been engaged on an Identifier Project to attract the very best cyber talent to this business. Influence the cyber security capability and direction within the business. Learn new skills working within a collaborative team. Grow as a security professional. ROLE Triaging and troubleshooting security alerts. Improve tooling, reducing false positives. Improve processes and documentation Reviewing, approving, escalating security change management requests. Day to day operations, management and scalability of existing cyber security systems. Implementing new cyber security systems. Managing of and maturing security tooling such as; SIEM Vulnerability management Firewalls Patch management CASB Ideal technical experience Vulnerability Management: Qualys Forcepoint: CASB, DLP, web security, email security Microsoft Defender for Endpoint SIEM (Splunk) Firewalls: Cisco, Palo Alto, Juniper, Sonicwall IDS: Alert Logic Microsoft Cloud App Security Microsoft Azure ManageEngine ADAudit Plus Darktrace, Cloudflare, Cisco Umbrella, Imperva WAF Appreciation of ISO27001, GDPR, PCI, etc 2 days a fortnight in London- or more if you want.. Hybrid reworking.
- It's Pen Testing Chris, but not as we’ve know it.
- United Kingdom
5 reasons, as long as you are a skilled penetration tester (and a nice person) this may be different enough for you. Healthy package for the right talents- before you ask up to 95k+ (depending on skillset). Yes permanent only. Remotely based with the occasional time to meet up- unless you enjoy retiring from society. BUT UK based but not UK client focused. Research and training time- A dedicated trainer with budget for you to sharpen / develop skills. You can make your stamp. It’s a new role for someone technical to deliver, lead and shape a testing capability. No political shenanigans etc Exclusive to DCL Search and not one of the usual names. So you can dramatically increase your chances of securing it. Infrastructure pen testing and Web app / Manual penetration testing experience highly valued. Someone that can scope, deliver pen testing, report and not be useless in front of clients. Apply today to find out more. Or email Chris.Holt@dclsearch.com Or call 07884666351 This is a UK based role.
- Ping Contractor-
- Depends on skills and experience
Looking for experienced PIng Consultants, Looking for consultant with Implemenation or Architect experience in the Ping product set (Ping Identity, Ping Federate, Ping Access, Ping Directory, Ping Adapter development, SDK etc) This would be for implementation projects, working across UK. You will be responsible for providing implementation services to our clients from information gathering through to implementation. Evaluating client business, process, systems, and technology requirements and advise clients on best practices to help guide and solidify proposed designs. Manage Client expectations, Stakeholder Managment, ensuring design Matches business requirements