For context, I am a one person security team as a ISM. Other IT departments are Network, Systems, and Customer service that are under a completely different direction. There has a small about of push-back when I speak on access management roles/responsibilities and separation of duties. What are some opinions on what is the best take on access management ownership with AD and Entra ID, and other services?

Security Strategy & RoadmapIT Strategy & Roadmap
679 viewscircle icon1 Comment
Sort by:
IT Analyst8 months ago

If you are having resistance about it, I think the first step is to engage higher organization levels showing evolved risks. If you get green sign of them next steps are:
1) training teams about security and risks;
2) review organization's security policy;
  2.1) maybe create a standard about IAM's administration;
3) implement IAM policy

There is no formula about which team should do what, each organizations has its own way of working. It isn't a question of organizational chart, it's a question of resposibility. The most important thing is to ensure teams are aware of the their roles in the security implications.

Content you might like

What’s the top cybersecurity challenge concerning your organization right now?

AI-driven threats (deepfakes, automated attacks) 21%

Software supply chain risks 20%

Insider risk (both malicious & accidental) 11%

Regulatory compliance 8%

Cloud misconfigurations 10%

Shadow IT (or shadow AI) 8%

Ransomware 5%

Talent shortage in cybersecurity11%

Something else (comment to explain)5%

View Results

How are you addressing technical debt risk resulting from AI coding tools? Have you established specific processes to manage vulnerabilities in AI-generated code, and are you collaborating with software engineering or other teams using these tools?

What sorts of challenges have you encountered in adapting your governance framework to address AI adoption across business units, and how are you attempting to resolve these?

Read More Comments

We would like to know what is the best advanced threat detection / prevention security control that provides the most bang for buck for a large organisation that wants to enhance its security posture to better detect and mitigate advanced threat actors. 

Main goals are to reduce dwell time, enrich alerts, reduce SOC engineer incident response time, illicit targeted threat intelligence to compliment 3rd party Threat Intelligence providers

Network Detection and Response (NDR)24%

Endpoint Detection and Response (EDR)41%

Extended Detection and Response (xDR = NDR / EDR / CDR)69%

Intrusion Detection & Prevention Systems (TLS Decrypting) IDPS27%

Deception Technology (External Only)11%

Deception Technology (Internal Only)7%

Deception Technology (External & Internal)9%

View Results

Are you seeing changes in the quality or speed of threat intelligence from sources you relied on in previous years? Can you share how you are being impacted so far by the uncertainty around public-private partnerships for cyber information sharing?

Read More Comments