{"id":5917,"date":"2025-08-08T03:02:34","date_gmt":"2025-08-08T03:02:34","guid":{"rendered":"https:\/\/mailitics.com\/index.php\/2025\/08\/08\/exposure-management-starts-with-identity-1439602898\/"},"modified":"2025-08-08T03:02:34","modified_gmt":"2025-08-08T03:02:34","slug":"exposure-management-starts-with-identity-1439602898","status":"publish","type":"post","link":"https:\/\/mailitics.com\/index.php\/2025\/08\/08\/exposure-management-starts-with-identity-1439602898\/","title":{"rendered":"Exposure management starts with identity"},"content":{"rendered":"<p>Exposure management starts with identity<\/p>\n<div>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"img-responsive\" src=\"https:\/\/i0.wp.com\/d1v1e13ebw3o15.cloudfront.net\/data\/89691\/pool_and_spa_logo\/..jpg?ssl=1\">\n<p>While concepts like zero trust, XDR and threat intelligence are valuable in cybersecurity, the fundamental imperative today is exposure management: understanding where critical vulnerabilities lie and remediating them swiftly. To effectively manage cyber exposure, the focus must begin where the risk is the greatest \u2014 identity. More specifically, Active Directory.<\/p>\n<p>The decades-old backbone of enterprise identity often suffers from outdated configurations and insufficient protection. Although it represents an environment\u2019s most valuable assets, many organisations neglect it. Instead of cleaning it up, organisations often layer on \u2018next-gen\u2019 defences and hope for the best. But the truth is simple. 
You can\u2019t manage cyber exposure if you don\u2019t start with identity, and that means getting serious about fixing Active Directory.<\/p>\n<p>The white paper titled \u2018<a href=\"https:\/\/www.coriniumintelligence.com\/content\/cisos-cant-afford-to-ignore-active-directory\" target=\"_blank\" rel=\"noopener\">A Blueprint for De-Risking Identity<\/a>\u2019 makes this painfully clear. While organisations love to obsess over external threats and perimeter tools, the state of internal identity stores remains suboptimal: over-privileged accounts, orphaned credentials, forgotten entitlements, lack of visibility, and no governance. Consequently, organisations are surprised when attackers waltz through the front door.<\/p>\n<p>Attackers, however, are well aware of weak identity hygiene within organisations. Identity serves as the critical pivot point in nearly every breach, including ransomware, APT attacks and data theft. Upon gaining initial access, adversaries escalate privileges, move laterally, and exploit the existing weaknesses within an organisation\u2019s identity architecture. This is not a peripheral issue; it is a fundamental, core problem.<\/p>\n<p>The situation is exacerbated by the rise of hybrid environments, where syncing on-premise Active Directory with cloud platforms like Azure or AWS creates new vulnerabilities. 
As Jamie Norton, former CISO of the Australian Taxation Office, cautions: \u201cCarrying across potential vulnerabilities to the cloud will just increase your attack surface.\u201d This highlights a critical point that cloud adoption does not resolve poor identity hygiene; it amplifies existing issues.<\/p>\n<p>That\u2019s exactly why the Australian Signals Directorate (ASD), alongside its Five Eyes counterparts, recently issued <a href=\"https:\/\/www.cyber.gov.au\/resources-business-and-government\/maintaining-devices-and-systems\/system-hardening-and-administration\/system-hardening\/detecting-and-mitigating-active-directory-compromises\" target=\"_blank\" rel=\"noopener\">new guidance on detecting and mitigating Active Directory compromises<\/a>. That kind of international coordination doesn\u2019t happen for minor risks. Active Directory is under siege, and the regulators know it, even if organisational boards have yet to fully grasp it.<\/p>\n<p>So, why the hesitation among security leaders? The report suggests that while many recognise the dangers, they feel overwhelmed by the sheer complexity of the problem. Identity architecture is often fragmented across silos, ownership is ambiguous, and specialised skills are scarce. Furthermore, the arduous, unglamorous and often invisible work of remediating Active Directory issues lacks inherent appeal.<\/p>\n<p>Too bad. Do it anyway.<\/p>\n<p>This isn\u2019t a one-and-done exercise. As Sandeep Taileng, Information Security Leader at State Trustees, emphasises, a \u2018big bang\u2019 solution is unrealistic. Cleaning up identity stores requires a phased, pragmatic approach \u2014 starting with low-risk groups, building momentum and securing executive backing along the way. It\u2019s security hygiene 101.<\/p>\n<p>While tedious, neglecting this task \u2013 much like brushing your teeth \u2013 will inevitably lead to severe consequences. 
Unlike dental issues, however, the \u2018rot\u2019 in this context translates to domain-wide compromise and widespread ransomware propagation. If security leaders are unwilling to address these fundamental issues, discussions about advanced concepts like \u2018zero trust\u2019 become moot.<\/p>\n<p>Exposure management isn\u2019t just another buzz phrase; it\u2019s a mindset shift. It demands visibility across the entire attack surface but prioritises fixing the risks that matter most. That\u2019s why identity\u00a0\u2014 and specifically Active Directory\u00a0\u2014 must be step one. Without controlling access, effective protection of other assets remains impossible.<\/p>\n<p>This is not just a security risk, it\u2019s a business risk. Orphaned accounts drive up cloud licensing costs. Lack of identity governance leads to operational sprawl. Worse, it erodes trust. Ask any CISO who\u2019s tried to explain to the board how a dormant admin account no one remembered brought the whole company down.<\/p>\n<p>The white paper doesn\u2019t pull punches and reveals a critical failing. Most organisations lack a complete inventory of access permissions. That\u2019s indefensible. If you don\u2019t know what you own, you can\u2019t protect it. If you don\u2019t know who has access, you\u2019re already breached; you just haven\u2019t noticed yet.<\/p>\n<p>Recognising the inherent fragility of legacy systems, addressing these core issues demands collaborative buy-in across infrastructure, HR, compliance and the C-suite. Security is not about convenience, but about the imperative to safeguard the organisation, its employees and its customers.<\/p>\n<p>Ultimately, exposure management\u2019s success hinges on organisations\u2019 management of identity. 
That means building inventories, enforcing least privilege, integrating HR triggers, running pen tests, auditing regularly and automating wherever possible.<\/p>\n<p>While this work may not be glamorous, it is precisely how victories are achieved.<\/p>\n<p>Security teams cannot sustainably focus solely on chasing alerts while ignoring the foundations. Active Directory is more than just a technical debt; it\u2019s a live wire. Just as one wouldn\u2019t operate critical systems on unpatched operating systems, it\u2019s illogical to base an entire identity strategy on decades of accumulated misconfigurations. Prioritising the remediation of Active Directory is essential to de-risk core operations and establish a security posture grounded in control, not fear.<\/p>\n<p><h9>Image credit: iStock.com\/Urupong<\/h9><\/p>\n<\/div>\n<p><a href=\"https:\/\/www.technologydecisions.com.au\/content\/security\/article\/exposure-management-starts-with-identity-1439602898?utm_source=rss\">Go to Technology Decisions<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Exposure management starts with identity While concepts like zero trust, XDR and threat intelligence are valuable in cybersecurity, the fundamental imperative today is exposure management: understanding where critical vulnerabilities lie and remediating them swiftly. To effectively manage cyber exposure, the focus must begin where the risk is the greatest \u2014 identity. More specifically, Active Directory. 
[&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[44],"tags":[48],"class_list":["post-5917","post","type-post","status-publish","format-standard","hentry","category-technology-decisions","tag-technology-decisions"],"_links":{"self":[{"href":"https:\/\/mailitics.com\/index.php\/wp-json\/wp\/v2\/posts\/5917"}],"collection":[{"href":"https:\/\/mailitics.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mailitics.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mailitics.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/mailitics.com\/index.php\/wp-json\/wp\/v2\/comments?post=5917"}],"version-history":[{"count":0,"href":"https:\/\/mailitics.com\/index.php\/wp-json\/wp\/v2\/posts\/5917\/revisions"}],"wp:attachment":[{"href":"https:\/\/mailitics.com\/index.php\/wp-json\/wp\/v2\/media?parent=5917"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mailitics.com\/index.php\/wp-json\/wp\/v2\/categories?post=5917"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mailitics.com\/index.php\/wp-json\/wp\/v2\/tags?post=5917"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}