Mastering Identity Hygiene: A New Standard in Cybersecurity


In Episode S7E1, host Steven Bowcut and SPHERE CEO Rita Gurevich discuss the significance of identity hygiene in cybersecurity. They highlight its ongoing nature, challenges in identity management, the need for automation, and its effect on cyber insurance costs. The episode wraps up by exploring how these concepts apply across different sectors and the expanding scope of identity management.

Summary

Identity Hygiene and Risk Protection

Steven and Rita discuss the importance of identity hygiene in protecting organizations from identity-related risks. Rita emphasizes that identity hygiene is not a one-time task but a continuous process, akin to personal hygiene and crucial for maintaining a secure environment. She also highlights that over 80% of breaches are caused by identity-related issues, making identity hygiene a necessity rather than a luxury. 

Identity Hygiene in Cybersecurity Importance

Rita and Steven discuss the importance of identity hygiene in cybersecurity, emphasizing its impact on cyber insurance costs and the necessity for automation. Rita notes that their company shifts from consulting to providing solutions to meet customer demand and tackle the complexity of identity management. They identify three main challenges: visibility, risk identification, and ownership.

Rita shares a case study of a healthcare technology company that uses their services to resolve an identity-related breach, demonstrating the effectiveness of their solution in managing identity hygiene.

Identity Hygiene and Healthcare Implications

Rita discusses the successful deployment of technology that identifies critical service accounts and impacted business units, enabling immediate onboarding and password rotation for the company. She emphasizes that this is a learning experience that fosters ongoing hygiene and education for the C-suite and business partners. Steven agrees on the importance of identity hygiene across vertical markets and asks about applying these lessons elsewhere. Rita highlights the severe implications of identity-related challenges in healthcare, referencing a past ransomware attack that led to a child’s death.

Identity Hygiene and Cybersecurity Risks

Steven and Rita discuss the importance of identity hygiene in cybersecurity. Rita emphasizes that identity is always evolving, with increasing threats. She stresses the need for organizations to adopt proactive identity management strategies. When Steven asks about smaller organizations, Rita notes that while risks are similar, solutions can differ. She also mentions the growing scope of identity management due to AI and cloud computing, concluding with optimism about more companies specializing in this field.

About Our Guest

Rita Gurevich is the CEO and founder of SPHERE, a leading identity hygiene company redefining how organizations identify and remediate critical identity-related issues.

Rita began her career at Lehman Brothers, where she oversaw the distribution of technology assets after the organization’s bankruptcy in 2008. From this experience, Rita observed firsthand the challenges surrounding the implications of mismanaged access. She quickly realized the need for swift and agile solutions to find and fix these types of problems.

With this knowledge, Rita founded SPHERE, an organization that initially provided Consulting Services to help other large, complex organizations get ahead of these risks. As regulatory requirements increased and cyber-attacks became more widespread, so did the required scope of these important initiatives. In response, Rita made the important decision to build strong automation that can handle massive scale quickly and elegantly, as there were no products designed to discover and remediate these issues and bring companies to the proper levels of hygiene.

The company’s transformation focuses on its flagship product, SPHEREboard, which has taken Rita and SPHERE to new heights. Rita has driven the growth of SPHERE through its evolution to a cutting-edge software company that solves a very important need in today’s cyber world – protecting digital identities and reducing risk across the most prominent brands in financial services, healthcare, manufacturing, energy and more.

This episode is a must-listen for anyone interested in identity hygiene and how to remediate identity-related cybersecurity issues.

Click the image below to listen to this Brilliance Security Magazine Podcast episode.


Steven Bowcut is an award-winning journalist covering cyber and physical security. He is an editor and writer for Brilliance Security Magazine as well as other security and non-security online publications. Follow and connect with Steve on Twitter, Instagram, and LinkedIn.