Identity Risk
Identity Risk is the likelihood and potential impact of identity-based attacks or access control failures. It encompasses the risk of account compromise, privilege escalation, lateral movement, and unauthorized access.
# WHAT TEAMS RUN INTO
- Identity risk is context-dependent. Risk changes based on who the user is, what they can access, what systems they can reach, and what an attacker could do with that access. Static risk scores miss this context.
- Identity risk is downstream of other risks. If a system is compromised, the risk of lateral movement depends on identity controls. If an account is compromised, risk depends on what that account can access. Identity risk is only one component of total risk.
- Risk quantification is subjective. Different organizations have different risk tolerances. What counts as acceptable risk in one organization might be unacceptable in another.
# WHY IT MATTERS
Identity Risk is the amplifier of security risk. A vulnerability in a system might be harmless if only unprivileged users can reach it. A vulnerability in a system that privileged accounts use becomes catastrophic. Understanding identity risk requires understanding what can be accessed through each identity and what impact compromise would have. Organizations that understand their identity risk can allocate resources to protect the most critical access paths.
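The paragraph above frames identity risk as "what can be accessed through each identity" and "which access paths are most critical." The following added example (written for this page, not code from any vendor or project) makes that concrete: it models identities, group memberships and role-assumption chains as a directed "can act as" graph, walks it transitively to find every asset an identity could reach, weights those assets by an assumed criticality score to get a blast radius, and reconstructs the shortest access path from an identity to a given asset. All principals, assets, edges and criticality weights are constructed sample data.

```python
from collections import deque

# Constructed sample data for illustration (not from the page).
# CAN_ACT_AS: directed "can act as" edges, user -> group -> role -> assumed role.
CAN_ACT_AS = {
    "alice": ["dev-group"],
    "bob": ["dev-group", "ops-admins"],
    "svc-backup": ["role/db-admin"],
    "dev-group": ["role/app-deploy"],
    "ops-admins": ["role/app-deploy", "role/db-admin"],
    "role/app-deploy": ["role/ci-runner"],  # assume-role chain
    "role/ci-runner": ["role/app-deploy"],  # deliberate cycle in the chain
    "role/db-admin": [],
}

# Direct grants: which principal can access which asset (constructed).
GRANTS = {
    "alice": ["wiki"],
    "role/app-deploy": ["app-server"],
    "role/ci-runner": ["build-artifacts"],
    "role/db-admin": ["customer-db", "app-server"],
}

# Impact weight per asset; the numbers are assumed, not from the page.
CRITICALITY = {"customer-db": 10, "app-server": 6, "build-artifacts": 4, "wiki": 1}


def reachable_principals(identity, edges=CAN_ACT_AS):
    """BFS over the 'can act as' graph starting at `identity`.

    Returns a parent map whose keys are every principal the identity can
    transitively act as, in BFS order. The map doubles as a visited set, so
    cyclic role-assumption chains terminate instead of looping forever.
    """
    parent = {identity: None}
    queue = deque([identity])
    while queue:
        cur = queue.popleft()
        for nxt in edges.get(cur, []):
            if nxt not in parent:
                parent[nxt] = cur
                queue.append(nxt)
    return parent


def reachable_assets(identity, edges=CAN_ACT_AS, grants=GRANTS):
    """Every asset reachable through any principal the identity can act as."""
    assets = set()
    for principal in reachable_principals(identity, edges):
        assets.update(grants.get(principal, []))
    return assets


def blast_radius(identity, criticality=CRITICALITY, **kw):
    """Impact of compromising `identity`: summed criticality of reachable assets."""
    return sum(criticality.get(a, 0) for a in reachable_assets(identity, **kw))


def access_path(identity, asset, edges=CAN_ACT_AS, grants=GRANTS):
    """Shortest chain identity -> ... -> principal -> asset, or None if unreachable.

    Because the parent map is in BFS insertion order, the first principal that
    grants the asset lies on a shortest path.
    """
    parent = reachable_principals(identity, edges)
    for principal in parent:
        if asset in grants.get(principal, []):
            path, node = [], principal
            while node is not None:
                path.append(node)
                node = parent[node]
            return path[::-1] + [asset]
    return None


def rank_by_blast_radius(identities):
    """Identities ordered by descending blast radius (ties broken by name)."""
    return sorted(((i, blast_radius(i)) for i in identities),
                  key=lambda pair: (-pair[1], pair[0]))


if __name__ == "__main__":
    for ident, score in rank_by_blast_radius(["alice", "bob", "svc-backup"]):
        print(f"{ident:12s} blast radius={score:3d} "
              f"path to customer-db={access_path(ident, 'customer-db')}")
```

In this data the service account `svc-backup` has no group memberships at all, yet it outranks the developer `alice` because a single role grant reaches the most critical asset; that is the "amplifier" effect the paragraph describes, and it is invisible to a static per-account score that does not follow the graph. The `access_path` output is what a team would use to decide which edge (a group membership, an assume-role permission) to remove or put behind stronger controls.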