2021 brought unprecedented challenges for cybersecurity professionals. Major attacks completely shook the community’s foundation of knowledge and put a lot of things into question. Breaches, like SolarWinds and the Colonial Pipeline, revealed areas in enterprise infrastructure in need of strategic improvement, most notably around increased security for identity and access management (IAM).
In many of these troubling breaches, flaws in identity management systems (that were otherwise considered secure) were exploited by cyberattackers. In the case of SolarWinds, hackers were able to bypass multifactor authentication (MFA) by simply stealing a web cookie. This breach showed that organizations of all sizes across sectors must make securing login credentials and tokens a top priority for their security teams.