October 11, 2024 at 10:07AM
Non-human identities (NHIs) have significantly increased in cybersecurity, posing risks as potential entry points for attackers. With far more NHIs than human users, visibility and privilege sprawl are major challenges. To mitigate these risks, organizations must enhance discovery, inventory, and management practices, prioritizing NHI security alongside traditional measures.
### Meeting Takeaways on Non-Human Identities (NHIs) in Cybersecurity
#### Overview
– Non-Human Identities (NHIs) are a growing concern in cybersecurity, presenting both operational benefits and substantial security risks. Their presence has increased significantly, with a suggested ratio of 10,000 NHIs for every 1,000 human users.
#### Key Challenges
1. **Attack Surface Expansion**: Each NHI can serve as an entry point for attackers, especially when they have elevated privileges.
2. **Visibility Issues**: NHIs often operate in the background, leading to potential blind spots for security teams.
3. **Privilege Sprawl**: Only 2% of permissions for NHIs are actively used, indicating excessive overprovisioning of access.
4. **Third-Party Risks**: NHIs can connect to external services, increasing vulnerability if those third parties experience a breach.
#### Real-World Incidents
– Major cybersecurity breaches have involved NHIs, with instances from nation-state actors exploiting OAuth applications and notable companies like Microsoft, Okta, and Dropbox suffering attacks through compromised machine identities.
#### Mitigation Strategies
1. **Discovery and Inventory**: Implement tools to continuously identify and catalog NHIs across all systems, including SaaS applications.
2. **Posture Management**: Analyze NHI permissions, usage patterns, and associated risks.
#### Call to Action
– There is an urgent need to prioritize NHI security at the same level as traditional identity access management (IAM) and network security.
– A cultural shift towards a security-first mindset is essential to effectively tackle the challenges posed by NHIs.
#### Conclusion
– With the right visibility, automation, and commitment to best practices, organizations can manage the risks associated with NHIs, shaping the future of cybersecurity positively. It is crucial for security professionals to lead these efforts.