What advanced identity analytics or continuous access controls is your organization using (or planning to implement)? Any lessons learned you can share regarding vendor selection or implementation?

Data & Analytics Security Strategy & Roadmap

1.5k views2 Comments

Sort by:

Information Security Manager2 months ago

We are running IAM Analytics using PowerBI + Python combination. We also utilize Log Analytics workspace and Splunk as sources. This empowers us to do co-relation from multiple sources and produce data for better visibility, decision making and next actions. An example can be tracking MFA adoption using phishing resistant MFA. We can show how many managed devices we have which use modern MFA versus SMS etc. Our lesson learned during this journey is start small and expand. You are surrounded by pool of data. Using the data to your advantage is the key here.

Director of IT2 months ago

In order to implement continuous access controls the maturity of the organization regarding Identity Governance, Access Controls and Access Management must be very good. Most of the organization I know are still struggling with a consistent Identity Governance and Administration implementation across the business departments and application landscape. Therefore I cannot share valuable lessons learned for now.

Content you might like

Disesdi Susanna Cox outlines 3 critical threats:
1. Non-deterministic decisions – same prompt, different actions (e.g., unintended transfers).
2. Cascading failures – multi-step tasks = more attack surface.
3. Emergent behavior – guardrails can’t cover infinite edge cases; focus on blast radius and recovery.

3 Controls to Implement Now:
• Map agent workflows to attack tactics (MITRE ATLAS)
• Weekly prompt-injection tests (OWASP + CSA)
• Least-privilege, expiring agent tokens (NIST AI RMF + CSA MAESTRO)

Which control or framework gives you the biggest headache, and how are you tackling it?

Full analysis: https://disesdi.substack.com/p/openai-just-dropped-their-agentic

What requirements have you used to evaluate and select a SAAS SPM tool?

Which is the more realistic and sensible approach to ransomware protection and mitigation?

Encrypting data so if we are hacked, the data can't be read or exploited39%

Multi-factor authentication and phishing awareness training is enough to stop attacks before they get in59%

Something else (comment below)1%

View Results

Is PCAP (packet capture) data part of your cybersecurity posture?

Yes88%

No12%

Our company deeply entered in the Microsoft world (EntraId, M365, Azure). Microsoft is publishing, in particular, a compliance dashboard and security dashboard. How are you using them and which kind of governance are you putting around them?

What advanced identity analytics or continuous access controls is your organization using (or planning to implement)? Any lessons learned you can share regarding vendor selection or implementation?

Sort by:

Content you might like

What requirements have you used to evaluate and select a SAAS SPM tool?

Which is the more realistic and sensible approach to ransomware protection and mitigation?

Is PCAP (packet capture) data part of your cybersecurity posture?

Our company deeply entered in the Microsoft world (EntraId, M365, Azure). Microsoft is publishing, in particular, a compliance dashboard and security dashboard. How are you using them and which kind of governance are you putting around them?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

CrowdStrike Outage: Impact And Recovery

Data-Driven Customer Experience: Uniting D&A and CX Teams

2024 Marketing Priorities and Challenges: Insights from the Field

Data and Analytics Priorities and Challenges: 2024 Trends

Generative AI and Software Engineering Teams: Adoption and Training

Take Your Insights On-the-Go