IAM Insights 1/2025

Dear IAM Community,

We're thrilled to continue our popular IAM Insights Newsletter in 2025 and bring you the first edition today! ?? This time, we focus on two highly relevant topics: achieving cyber insurance compliance with PAM and the growing importance of addressing ransomware attacks. You can also be among the first to subscribe to Authenticate This!, iC Consult's newly launched podcast, and enjoy exciting leadership news, and a lineup of upcoming events and webinars to connect with our experts.

Enjoy reading and stay informed throughout 2025 by subscribing to this Newsletter! ??

?? IAM Knowledge Hub: What Ransomware Is and Why PAM, IGA, and Access Management Are Essential

Ransomware continues to be one of the most disruptive cyber threats, impacting industries across the globe. In 2024, the attack on Change Healthcare marked the largest ransomware breach of protected health information in US history. Over 100 million personal, financial, and healthcare records were compromised, critical systems were forced offline for months, and billing processes nationwide were disrupted—resulting in severe financial strain. This highlights the immense impact ransomware can cause, and the urgent need for stronger defenses.

What is Ransomware?

Ransomware is malicious software that encrypts an organization’s data, making it inaccessible. Attackers then demand a ransom—often in cryptocurrency—for the decryption key. Modern ransomware goes further with double extortion, stealing data and threatening to expose it unless paid.

Here’s how ransomware works:

1. Access: Attackers infiltrate networks using phishing, unpatched software, or compromised credentials. In the Change Healthcare attack, hackers exploited credentials from a low-level support employee without Multi-Factor Authentication (MFA), gaining unauthorized access to critical systems.
2. Initiation: Once inside, attackers move laterally across the network, stealing data and deploying ransomware. At Change Healthcare, hackers spent nine days stealing six terabytes of sensitive data before encrypting critical systems, forcing them offline for months.
3. Ransom: Attackers demand payment for decryption or to prevent public exposure of stolen data. Change Healthcare paid $22 million, but the attackers retained the stolen data, illustrating the risks of ransom negotiations.

How PAM, IGA, and Access Management Could Have Helped

Ransomware attacks like this have devastating effects, disrupting operations, compromising sensitive data, and costing organizations millions in recovery. To effectively combat ransomware and protect critical systems, organizations must adopt advanced security measures. Solutions like Privileged Access Management (PAM), Identity Governance and Administration (IGA), and Access Management play a crucial role in closing security gaps, preventing unauthorized access, and mitigating the risks of attacks.

• Access Management and Zero Trust (AM): The lack of MFA allowed Change Healthcare attackers to exploit credentials. MFA, continuous verification, and micro-segmentation could have blocked access and contained the attack.
• Privileged Access Management (PAM): PAM could have enforced least privilege, secured remote access, and flagged unusual activity through real-time monitoring, stopping the attack early.
• Identity Governance and Administration (IGA): Role-based access controls, regular audits, and deactivating unused accounts could have limited lateral movement and flagged anomalies.

?? Read the full blog post to discover more about what ransomware is and how advanced solutions like PAM, IGA, and AM can provide critical protection—illustrated with the Change Healthcare attack as a real-life example.

?? IAM Deep Dive: Achieving Cyber Insurance Compliance with PAM

Picture this: your organization suffers a cyberattack. Systems are offline, sensitive data is compromised, and customers begin to lose trust. In such a crisis, cyber insurance steps in as both a financial safety net and an operational lifeline, providing resources and stability during chaotic times.

Yet, as more companies turn to cyber insurance to mitigate risks, securing coverage has become a challenge itself. Insurers are no longer offering policies without thorough evaluations. They want proof that your business is equipped to manage threats, prevent breaches, and respond effectively to incidents.

Insurers may require:

• Proactive Measures: Companies must adopt tools and processes to prevent breaches before they occur.
• Holistic Risk Response Plans: A comprehensive strategy for identifying, containing, and resolving cyber incidents.
• Data-Driven Assessments: Insurers use a combination of quantitative (e.g., data science, algorithms) and qualitative (e.g., vendor evaluations) methods to gauge your cybersecurity posture and determine appropriate coverage.

This is where Privileged Access Management (PAM) becomes indispensable. Privileged accounts hold the keys to your organization’s most sensitive data and systems, making them a prime target for attackers. PAM ensures these accounts are safeguarded by:

• Restricting Access: By enforcing least-privilege principles, PAM ensures that users only have the access necessary for their specific tasks, limiting the attack surface.
• Just-in-Time Access: PAM enables temporary, on-demand permissions, granting access only when needed and automatically revoking it afterward to minimize exposure.
• Real-Time Monitoring: Continuous tracking of privileged account activity helps detect unusual behavior, such as unauthorized access attempts or suspicious changes, allowing threats to be mitigated before they escalate.
• Audit-Ready Reporting: PAM solutions generate detailed logs and compliance reports, making it easier for organizations to demonstrate their readiness to insurers and regulators.

By implementing PAM, companies can not only meet cyber insurance requirements but also enhance their overall security posture, safeguard against evolving cyber threats, and even lower their premiums.

At iC Consult, we make achieving cyber insurance compliance easier by delivering tailored cybersecurity solutions that address insurers’ demands. Our services minimize the likelihood of cyber incidents and also demonstrate robust security measures to your clients and stakeholders, building trust and credibility.

Ready to achieve insurance compliance with confidence? Read the full blog post here and get in touch if you need support!

iC Consult Spotlight: New Podcast Authenticate This! ??

Welcome to Authenticate This! – The Cybersecurity Leadership Podcast for CSOs and identity leaders navigating the complex world of identity. From real-life breaches to internal missteps and everything in between, we bring you authentic stories, hard-earned lessons, and actionable insights to help you lead with confidence when chaos strikes.

Our goal is to humanize identity, uncover actionable solutions, and explore the business of identity beyond the spreadsheet.

??? Our first episode is now live on Spotify, Apple Podcasts and YouTube! Join our hosts Tim York , VP of Channel Americas and Aaron Lentz , VP Advisory and Strategy, as they explore the human element in cybersecurity leadership, using real-world examples and practical insights. From understanding the nuances of deepfakes to thinking of identity tools as hammers, they share actionable strategies for influencing organizational culture and fostering effective collaboration.

Subscribe to Authenticate This! and be part of the journey toward #IAMExcellence!

Welcome Hila Meller as Chief Revenue Officer of iC Consult

As of January 1, 2025,?Hila Meller?has joined iC Consult as our new?Chief Revenue Officer (CRO). With over 25 years of experience in cybersecurity and Identity & Access Management, Hila brings a proven track record of transformative leadership that consistently drives growth and innovation. Her expertise uniquely positions her to lead iC Consult toward even greater success. ??? Read the press release here.

?? Be Part of our Upcoming Webinars

Fraud Attacks Rising: How to Stay One Step Ahead with a Modern Security Approach | 30 January 2025, 16:00 - 17:00 | Register here

Why Is Your Active Directory an Easy Target for Attackers? | 17 February 2025, 14:00 - 15:00 | Register here

?? Meet our Experts at Leading Cybersecurity Events

A lot will be happening across our regions! Here’s a look at the upcoming events over the next few months where you can meet the iC Consult team:

???? Cyber Security Summit, Philadelphia | 19 February 2025 | Register here

???? Rethink! IAM, Berlin | 23-25 March 2025 | Register here

???? Gartner Identity & Access Management Summit, London | 24-25 March 2025 | Register here

Join our CRO, Hila Meller, at a panel discussion.

???? One Identity UNITE, Prague | 24-28 March 2025 | Register here

Join our CEO, Volker Witzel, at the Industry Experts Roundtable on March 25, 2025 | 11:00 AM - 11:30 AM GMT+1

???? LSZ Security and Risk Management Kongress, Kitzbühel | 1-2 April 2025 | Register here

?? Don't miss out on the latest!

Subscribe to our newsletter for the freshest updates and follow iC Consult for more IAM insights.