A set of tools for managing roles and access privileges of individual network entities to various cloud and on-premise applications is called Identity and Access Management (IAM).
The primary purpose of IAM is a single digital identity for everyone and everything. Once that is established, it must be observed and modified throughout the access cycle of each user or device.
We sat down with Sadrick Widmann, a cloud IMA-focused company cidaas CEO, to discuss the most pressing issues of this side of the field.
How did cidaas originate? What would you consider the biggest milestones throughout the years?
The idea for cidaas developed out of a customer project of WidasConcepts. At that time, a well-known German medical technology company was looking for a solution for its customer identity and access management that would allow not only the administration of identities but also their authentication and authorization on a central platform.After evaluating several software solutions, we came to the conclusion that no vendor mapped all the requirements "out-of-the-box" and that major development efforts would be necessary to configure the solution as desired. The result is cidaas Europes #1 Cloud Identity & Access Management.
Can you introduce us to your identity platform? What are its key features?
Cidaas is the leading European Cloud Identity & Access Management and delivers an out-of-the-box solution with which companies can establish a unified identity across all channels and the highest security. Cidaas is characterized in particular by feature completeness. Starting with the extensive authentication options for login or multi-factor authentication to our group management with which B2B use cases or family and friend scenarios can be easily implemented as well as our advanced consent management. But also, innovative functions like the Real World Identification with which the digital and the real-world identity of users can be linked.
For example, the access to stadiums or events can be managed, or the cidaas ID validator with which a digital identity verification can be performed via an AutoIdent, for example for the opening of a bank account or for the digital driver's license check, round off the platform.
One important characteristic of the cidaas platform, which our customers often highlight, is the Everything is an API approach and the event-based architecture of cidaas. The Everything is an API allows one to access all features of cidaas via API and the event-based architecture allows reacting in real-time to any event happening in the cidaas platform. Both features allow a perfect integration of cidaas into any software landscape or application.
What are the most common methods threat actors use to bypass various identity verification measures?
There are many different attack vectors in the context of authentication, but since the password is still the predominant authentication method, most attacks continue to be password-centric and follow classic attack patterns.
Therefore, brute force attacks are still one of the most common methods, in particular, brute force attacks with credential stuffing or credential cracking demonstrate high success rates. In these attack patterns, attackers utilize existing compromised credentials and variations of these to authenticate at different services and platforms. The biggest collection of leaked credentials haveibeenpwnd contains nearly 12 billion credentials.
Additionally, also classical Phishing attacks are still common and still show a much too high success rate.
The advantage of these attack patterns is the broad range of victims that can be reached as well as the ease of implementation, reducing the barriers of the attack, combined with a good success rate, it is perfect for any attacker.
The best way to overcome these attack patterns is to move to passwordless and multi-factor authentication to eliminate the password as an attack vector.
How do you think the recent global events affected the cybersecurity landscape?
The recent events had a huge impact on the cybersecurity landscape. Starting the Covid-19 pandemic has greatly changed the way we work. Remote work and distributed work are part of everyday life, which also meant that classic cybersecurity concepts had to change. Users are no longer located in the secure corporate network protected by firewalls, but all over the world. But it is not only the world of work that has changed; the pandemic has also had an impact on private life, giving digitization a further boost, at least in part.
Also, the recent development in Ukraine affects the cybersecurity landscape massively, especially since state players and also hacker collectives are getting in on the action. In addition to the actual threat situation, which has increased, the perceived threat situation is also decisive and shapes the cybersecurity landscape.
My hope is that recent global events will have a positive effect on cybersecurity and lead to increased investment in cybersecurity by companies and nations.
What are the main issues associated with password-based authentication?
We already discussed password-centric attack patterns, but the main issue with password-based authentication is the human. The human factor combines different human behavioral patterns which undermine the password. That starts with the reuse of passwords, users tend to use the same or a variation of the same password test123 and test1234, which makes it easy for the attacker to guess the password in a brute force attack.
Moreover, the users do not select random passwords but subconsciously use certain patterns to assign passwords. These patterns can be modeled by attackers to reduce the number of possible passwords (solution space). Basically, attackers do not need to test random passwords during an attack, based on leaked credentials and models which map the patterns of password selection, the solution space an attacker needs to test during an attack shrinks massively.
Besides quality identity management solutions, what other cybersecurity measures do you think every company should implement nowadays?
There is a broad range of cybersecurity measures a company should implement nowadays. Important are all measures known to secure the networks and internal infrastructure: firewalls, protection against malware, monitoring of software and hardware systems, antivirus software
Important is also to keep software and hardware up-to-date, sadly this is quite often not the case in many companies, and in particular outdated software is in place. Finally, security awareness within the company is an essential building block of cybersecurity.
As for personal use, what security measures can average individuals take to prevent their identity from being stolen?
As an individual, you can take different measures to reduce the risk of identity theft. Obviously, caution and thoughtful behavior are important. Additionally, individuals should move to passwordless authentication options if available, more and more digital services offer such options like many of our customers do.
Users should also start using multi-factor authentication, in particular for important services and sensitive data. But it is not only the individual who should take action, also companies and providers need to do their job and integrate identity & access management as well as other security solutions to protect their user data.
What do you think the future of identity and access management is going to be like? Do you think the use of biometrics is going to take off?
I am curious to see the future development of the Identity & Access Management market. There are some interesting trends, be it Zero-Trust, digital identity verification, or the connection between digital and real-world identity.
I am also quite sure the use of biometrics will take off, it is one of the most comfortable options for users, and most of the users are already used to it, due to the device biometrics like FaceID or TouchID on Smartphones. In particular, in the context of passwordless authentication, user comfort and therefore biometrics is important.
Would you like to share whats next for cidaas?
As a leading European Cloud Identity & Access Management, we have big plans for the future. We want to further strengthen our position in Europe and also expand into other markets. We also have some cool new features planned that will help our customers to implement Identity & Access Management perfectly.
We have already briefly touched on a few topics above, from zero trust to real-world identification (identifying users in the real world, e.g. at the point of sale or when accessing the stadium), which we will continue to drive forward with cidaas.
Originally posted here:
Sadrick Widmann, cidaas: there is a broad range of cybersecurity measures a company should implement nowadays - CyberNews.com
- Thinking Slowly: The Paradoxical Slowness of Human Behavior - Caltech - December 23rd, 2024 [December 23rd, 2024]
- From smog to crime: How air pollution is shaping human behavior and public safety - The Times of India - December 9th, 2024 [December 9th, 2024]
- The Smell Of Death Has A Strange Influence On Human Behavior - IFLScience - October 26th, 2024 [October 26th, 2024]
- "WEIRD" in psychology literature oversimplifies the global diversity of human behavior. - Psychology Today - October 2nd, 2024 [October 2nd, 2024]
- Scientists issue warning about increasingly alarming whale behavior due to human activity - Orcasonian - September 23rd, 2024 [September 23rd, 2024]
- Does AI adoption call for a change in human behavior? - Fast Company - July 26th, 2024 [July 26th, 2024]
- Dogs can smell human stress and it alters their own behavior, study reveals - New York Post - July 26th, 2024 [July 26th, 2024]
- Trajectories of brain and behaviour development in the womb, at birth and through infancy - Nature.com - June 18th, 2024 [June 18th, 2024]
- AI model predicts human behavior from our poor decision-making - Big Think - June 18th, 2024 [June 18th, 2024]
- ZkSync defends Sybil measures as Binance offers own ZK token airdrop - TradingView - June 18th, 2024 [June 18th, 2024]
- On TikTok, Goldendoodles Are People Trapped in Dog Bodies - The New York Times - June 18th, 2024 [June 18th, 2024]
- 10 things only introverts find irritating, according to psychology - Hack Spirit - June 18th, 2024 [June 18th, 2024]
- 32 animals that act weirdly human sometimes - Livescience.com - May 24th, 2024 [May 24th, 2024]
- NBC Is Using Animals To Push The LGBT Agenda. Here Are 5 Abhorrent Animal Behaviors Humans Shouldn't Emulate - The Daily Wire - May 24th, 2024 [May 24th, 2024]
- New study examines the dynamics of adaptive autonomy in human volition and behavior - PsyPost - May 24th, 2024 [May 24th, 2024]
- 30000 years of history reveals that hard times boost human societies' resilience - Livescience.com - May 12th, 2024 [May 12th, 2024]
- Kingdom of the Planet of the Apes Actors Had Trouble Reverting Back to Human - CBR - May 12th, 2024 [May 12th, 2024]
- The need to feel safe is a core driver of human behavior. - Psychology Today - April 15th, 2024 [April 15th, 2024]
- AI learned how to sway humans by watching a cooperative cooking game - Science News Magazine - March 29th, 2024 [March 29th, 2024]
- We can't combat climate change without changing minds. This psychology class explores how. - Northeastern University - March 11th, 2024 [March 11th, 2024]
- Bees Reveal a Human-Like Collective Intelligence We Never Knew Existed - ScienceAlert - March 11th, 2024 [March 11th, 2024]
- Franciscan AI expert warns of technology becoming a 'pseudo-religion' - Detroit Catholic - March 11th, 2024 [March 11th, 2024]
- Freshwater resources at risk thanks to human behavior - messenger-inquirer - March 11th, 2024 [March 11th, 2024]
- Astrocytes Play Critical Role in Regulating Behavior - Neuroscience News - March 11th, 2024 [March 11th, 2024]
- Freshwater resources at risk thanks to human behavior - Sunnyside Sun - March 11th, 2024 [March 11th, 2024]
- Freshwater resources at risk thanks to human behavior - Blue Mountain Eagle - March 11th, 2024 [March 11th, 2024]
- 7 Books on Human Behavior - Times Now - March 11th, 2024 [March 11th, 2024]
- Euphemisms increasingly used to soften behavior that would be questionable in direct language - Norfolk Daily News - February 29th, 2024 [February 29th, 2024]
- Linking environmental influences, genetic research to address concerns of genetic determinism of human behavior - Phys.org - February 29th, 2024 [February 29th, 2024]
- Emerson's Insight: Navigating the Three Fundamental Desires of Human Nature - The Good Men Project - February 29th, 2024 [February 29th, 2024]
- Dogs can recognize a bad person and there's science to prove it. - GOOD - February 29th, 2024 [February 29th, 2024]
- What Is Organizational Behavior? Everything You Need To Know - MarketWatch - February 4th, 2024 [February 4th, 2024]
- Overcoming 'Otherness' in Scientific Research Commentary in Nature Human Behavior USA - English - USA - PR Newswire - February 4th, 2024 [February 4th, 2024]
- "Reichman University's behavioral economics program: Navigating human be - The Jerusalem Post - January 19th, 2024 [January 19th, 2024]
- Of trees, symbols of humankind, on Tu BShevat - The Jewish Star - January 19th, 2024 [January 19th, 2024]
- Tapping Into The Power Of Positive Psychology With Acclaimed Expert Niyc Pidgeon - GirlTalkHQ - January 19th, 2024 [January 19th, 2024]
- Don't just make resolutions, 'be the architect of your future self,' says Stanford-trained human behavior expert - CNBC - December 31st, 2023 [December 31st, 2023]
- Never happy? Humans tend to imagine how life could be better : Short Wave - NPR - December 31st, 2023 [December 31st, 2023]
- People who feel unhappy but hide it well usually exhibit these 9 behaviors - Hack Spirit - December 31st, 2023 [December 31st, 2023]
- If you display these 9 behaviors, you're being passive aggressive without realizing it - Hack Spirit - December 31st, 2023 [December 31st, 2023]
- Men who are relationship-oriented by nature usually display these 9 behaviors - Hack Spirit - December 31st, 2023 [December 31st, 2023]
- A look at the curious 'winter break' behavior of ChatGPT-4 - ReadWrite - December 14th, 2023 [December 14th, 2023]
- Neuroscience and Behavior Major (B.S.) | College of Liberal Arts - UNH's College of Liberal Arts - December 14th, 2023 [December 14th, 2023]
- The positive health effects of prosocial behaviors | News | Harvard ... - HSPH News - October 27th, 2023 [October 27th, 2023]
- The valuable link between succession planning and skills - Human Resource Executive - October 27th, 2023 [October 27th, 2023]
- Okinawa's ants show reduced seasonal behavior in areas with more human development - Phys.org - October 27th, 2023 [October 27th, 2023]
- How humans use their sense of smell to find their way | Penn Today - Penn Today - October 27th, 2023 [October 27th, 2023]
- Wrestling With Evil in the World, or Is It Something Else? - Psychiatric Times - October 27th, 2023 [October 27th, 2023]
- Shimmying like electric fish is a universal movement across species - Earth.com - October 27th, 2023 [October 27th, 2023]
- Why do dogs get the zoomies? - Care.com - October 27th, 2023 [October 27th, 2023]
- How Stuart Robinson's misconduct went overlooked for years - Washington Square News - October 27th, 2023 [October 27th, 2023]
- Whatchamacolumn: Homeless camps back in the news - News-Register - October 27th, 2023 [October 27th, 2023]
- Stunted Growth in Infants Reshapes Brain Function and Cognitive ... - Neuroscience News - October 27th, 2023 [October 27th, 2023]
- Social medias role in modeling human behavior, societies - kuwaittimes - October 27th, 2023 [October 27th, 2023]
- The gift of reformation - Living Lutheran - October 27th, 2023 [October 27th, 2023]
- After pandemic, birds are surprisingly becoming less fearful of humans - Study Finds - October 27th, 2023 [October 27th, 2023]
- Nick Treglia: The trouble with fairness and the search for truth - 1819 News - October 27th, 2023 [October 27th, 2023]
- Science has an answer for why people still wave on Zoom - Press Herald - October 27th, 2023 [October 27th, 2023]
- Orcas are learning terrifying new behaviors. Are they getting smarter? - Livescience.com - October 27th, 2023 [October 27th, 2023]
- Augmenting the Regulatory Worker: Are We Making Them Better or ... - BioSpace - October 27th, 2023 [October 27th, 2023]
- What "The Creator", a film about the future, tells us about the present - InCyber - October 27th, 2023 [October 27th, 2023]
- WashU Expert: Some parasites turn hosts into 'zombies' - The ... - Washington University in St. Louis - October 27th, 2023 [October 27th, 2023]
- Is secondhand smoke from vapes less toxic than from traditional ... - Missouri S&T News and Research - October 27th, 2023 [October 27th, 2023]
- How apocalyptic cults use psychological tricks to brainwash their ... - Big Think - October 27th, 2023 [October 27th, 2023]
- Human action pushing the world closer to environmental tipping ... - Morung Express - October 27th, 2023 [October 27th, 2023]
- What We Get When We Give | Harvard Medicine Magazine - Harvard University - October 27th, 2023 [October 27th, 2023]
- Psychological Anime: 12 Series You Should Watch - But Why Tho? - October 27th, 2023 [October 27th, 2023]
- Roosters May Recognize Their Reflections in Mirrors, Study Suggests - Smithsonian Magazine - October 27th, 2023 [October 27th, 2023]
- June 30 Zodiac: Sign, Traits, Compatibility and More - AZ Animals - May 13th, 2023 [May 13th, 2023]
- Indiana's Funding Ban for Kinsey Sex-Research Institute Threatens ... - The Chronicle of Higher Education - May 13th, 2023 [May 13th, 2023]
- Have AI Chatbots Developed Theory of Mind? What We Do and Do ... - The New York Times - March 31st, 2023 [March 31st, 2023]
- Scoop: Coming Up on a New Episode of HOUSEBROKEN on FOX ... - Broadway World - March 31st, 2023 [March 31st, 2023]
- Here's five fall 2023 classes to fire up your bookbag - Duke Chronicle - March 31st, 2023 [March 31st, 2023]
- McDonald: Aspen's like living in a 'Pullman town' - The Aspen Times - March 31st, 2023 [March 31st, 2023]
- Children Who Are Exposed to Awe-Inspiring Art Are More Likely to Become Generous, Empathic Adults, a New Study Says - artnet News - March 31st, 2023 [March 31st, 2023]
- DataDome Raises Another $42M to Prevent Bot Attacks in Real ... - AlleyWatch - March 31st, 2023 [March 31st, 2023]
- Observing group-living animals with drones may help us understand ... - Innovation Origins - March 31st, 2023 [March 31st, 2023]
- Mann named director of School of Public and Population Health - Boise State University - March 31st, 2023 [March 31st, 2023]
- Irina Solomonova's bad behavior is the star of Love Is Blind - My Imperfect Life - March 31st, 2023 [March 31st, 2023]
- Health quotes Dill in article about rise of Babesiosis - UMaine News ... - University of Maine - March 31st, 2023 [March 31st, 2023]