This is part of our Cybersecurity Awareness Month (#CSAM) expert insights blog series.
Cybersecurity Awareness Month kicks off today and we heard from Nathanael Coffing, CSO of Cloudentity, about how companies still have a long way to go to perfect their security strategies and more about the ways they can improve their cybersecurity posture:
"Modern organizations are sharing data over APIs to digitally transform and rapidly bring new services to market. APIs are connecting with internal and external services, transferring sensitive data with users and partners across the hybrid cloud. Consequently, organizations are facing increased cyber risks and a growing attack surface. Legacy identity and access management (IAM) tools cannot protect and secure identities working in modern applications, much less multi-cloud infrastructures.
Gartner predicts that APIs will be the most frequent attack vector by 2022. Implementing zero-trust for APIs to protect against known and emerging threats like broken object-level authorization or broken authentication means building strong application identity along with strong user identity, as well as protecting sensitive data with fine-grained authorization. Properly assessing and mitigating risks at the API level can also allow organizations to enhance the user experience with transactional Authentication/ Authorization and fine-grained consent management.
Cybersecurity Awareness Month shines a light on the changing state of cybersecurity. Prioritizing cybersecurity and adopting these modern capabilities is no longer optional as digital transformation accelerates."
###