In this special guest feature, Jackson Shaw, CSO, Clear Skye, discusses why it’s so early for artificially intelligent identity management. Jackson has more than 30 years of experience managing product and operations in the technology security sector, lending his expertise to companies from Dell and Microsoft to Forcepoint and One Identity.
Artificial Intelligence (AI) has the power to change security and identity management. By performing a once manual, easy error process and adding gloss of automation and accuracy, we can solve old access and rights management problems. The problem is a sleek exterior of AI-enabled products all exist — even today.
While there is no shortage of ‘AI -enabled’ solutions, many are looking at a very limited set of values that they cannot afford to fulfill their promise. To get the most out of an AI solution, more data needs to be available. But the truth is that most one-off solutions do not have access to it. Additionally, the narrow view of identity as a strict security duty or GRC has also limited what is possible in AI. Identity affects every part of a business, from IT to HR and anywhere in between.
If identity works in its own security and compliance loop, businesses will not know the true value that AI -driven identity management can bring. And the outcome of any AI initiative should be a more agile business. This includes activities such as improved workflow, seamless user experience (UX), and enhanced operations. When done correctly, this in itself can achieve smart identity management.
But how do we get there? Let’s take a look at what’s holding us back and how we can get our identity data to start working for us.
The trials
While the popularity of AI in the business continues to grow, the skills and maturity have remained relatively steady. Industry research shows the lack of skilled people and the difficulty in hiring topped the list of AI challenges. Pair this with 25% of companies seeing half of their AI projects fail (Deloitte) and it’s no wonder why we haven’t seen truly successful AI applications around identity.
If we drill down into specific identity-related AI projects, the data tells another sad story. New research from Gradient Flow shows that two-thirds of respondents indicated that their company uses AI /ML to improve identity management. But less than a third of respondents indicated that AI/ML yielded moderate to high benefits for identity management. It is likely that less than two-thirds of respondents use AI in a real production environment. Although, there seems to be more to be seen than the actual value.
The solution
The problems are obvious: we don’t have enough data, we see the identity on its own island, and we lack skilled technical talent. Consequently, here is where business leaders should focus to approach identity supported by true deep learning technology.
- Data Amount: AI/ML can find patterns and extract value in so much data with sophistication that can match certain technologies. That said, both AI/ML algorithms require massive amounts of data to understand what is normal and what is anomalous behavior. A lot of data input is needed to train and test algorithms, then, when validated, and put into production, there needs to be a continuous amount of data feeding into the algorithms to stay accurate.
- Specialization: It takes a data scientist working with identity, security, and other experts in your business to determine what data should be part of an AI/ML initiative. Bypassing this level of specialization can result in limited insights. Additionally, a data scientist will be able to advise and customize algorithms for your business’s specific use cases. It is important to have this talent on the front lines to ensure accuracy, consistent training and tuning of models, and to prevent deterioration over time.
- Organization-Wide Identity Integration: By using the business platform, organizations gain access to an entire data warehouse with information about not only identity controls, but IT Service Management (ITSM), Security Operations (SecOps), Human Resources (HR), and more, along with all relevant service requests, and approvals. No need to perform multiple multiple exports and imports from different products or systems in your enterprise — they all live in one place. The best news? This functionality already exists within your current tech investments on platforms like ServiceNow, Salesforce, Azure, and more.
We still have a long way to go before AI and identity work seamlessly, but we are on the right track. By taking stock of the data you have access to, organizational loops, and prioritizing AI talent — whether in-house or through the partners and products your business uses — these should be priority area for those wishing to maximize their AI efforts around. identity.
Sign up for the free insideBIGDATA newsletter.
Join us on Twitter: @InsideBigData1 – https://twitter.com/InsideBigData1