I have worked in IT all my life and in the sub-genre of what we now call identity security for over 20 years. We absolutely love an acronym, so when, in the last couple of years, I came across one that was being used in my speciality, I had to investigate.
So, what is ISPM and where is it in its maturity journey in the industry?
Author:
Paul Dawson
Chief Services Officer at CyberIAM
ISPM stands for "Identity Security Posture Management". It undoubtedly overlaps with, is related to, and complements Identity Threat Detection and Response (ITDR) which, whilst still emerging, is perhaps slightly better understood.
My view of the difference is that ITDR majors in threat response. Its tooling can detect, respond and (critically) block identity security threats such as ransomware and account takeovers.
ISPM works on a higher plane: its aim is to assess, provide visibility into, and describe an organisation's overall identity security posture.
But the overlaps are everywhere. ISPM does play in the arena of addressing threats in addition to detecting and making them visible. Perhaps the two disciplines will merge over time? Industry analysts, The CyberHut, speak of them remaining separate, with Founder, Simon Moffatt, including a prediction around how it will evolve in this recent LinkedIn post.
The thing that prompted this blog was actually this news article which spoke about CrowdStrike's purchase of Adaptive Shield, an organisation specialising in SSPM - another acronym where the S is SaaS (surely it is a subset of CSPM; C = Cloud!). It was the sentence ‘it provides full visibility into, and governance of, human and non-human identities and their permissions, entitlements, activity levels and public data’ that drew my attention - that sounds like ISPM!
Regardless of acronyms, one of the things that is interesting to me about ISPM is that its approach to providing a holistic view of identity risk, with compliance reporting, means that it can be used to explain an organisation's posture in a way that is understandable to senior management. As we all know, explaining the risk to senior management is a critical factor for IAM leaders in order to secure budget for remediation and protection. For this reason alone, ISPM is worthy of further investigation by companies, particularly large and regulated ones.
Identity security vendors are starting to talk about ISPM and to include offerings in their stack.
Saviynt recently launched capability in their platform - as introduced in this LinkedIn video. It is of course borderline illegal to write a blog in 2024 and not mention artificial intelligence (AI), and helpfully for me, the Saviynt ISPM offering claims to be the industry's first Large Language Model implementation on an enterprise-grade identity data lake. Their converged Identity Cloud will provide ‘actionable insights on identity-related risks to identify vulnerabilities and aid remediation’. This is exciting stuff and something that we will be looking at in more detail as it emerges.
Silverfort absolutely play in the ISPM space too. One of their primary selling points is around the visibility they can provide ‘into security gaps, misconfigurations, malpractices, and legacy infrastructure vulnerabilities that expose environments to identity threats’. The nice thing about Silverfort is that it also has ITDR capability, meaning that when those threats are identified, real-time action can be taken by, for example, adding multi-factor authentication (MFA) against the authentication in question.
With the modern-day adage that hackers don’t hack, they just use accounts that are already there, it is clearly powerful that real-time threat identification can be accompanied by immediate lock-down.
Asking my browser AI assistant, ‘what is ISPM?’, gave me the following information.
‘In today's digital world, protecting your organisation's identity security posture is paramount. ISPM offers a comprehensive framework for managing and securing digital identities. By adopting ISPM, organisations can reduce risk, improve compliance, and safeguard their most valuable assets.’
I'd never argue with a robot, and it does sum it up very well in truth. I hope that my musings above have been of interest. If you have any comments or opinions on the current 'posture' of ISPM and where it is going, I'd love to discuss!