SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Okta Identity Cloud adds Security Centre to enterprise plan
Fri, 26th May 2023

The independent identity provider, Okta, has announced Security Centre, a new feature that helps enterprise customers optimise their identity security posture. Security Centre leverages Okta Customer Identity Cloud insights to provide a single view of authentication events, potential security incidents, and threat response efficacy. It includes real-time data on companies' current state of attack protection, out-of-the-box threat monitoring on major identity attack vectors, and application-level visibility into authentication traffic.

Determining whether an organisation's identity security posture is too restrictive or too lax is not trivial. Customers need to parse through logs of third-party tools or build their own, which requires expert-level experience to identify attacks and respond to them effectively. Security Centre provides an improved way to visualise this data type directly from the Okta Customer Identity Cloud.

"By leveraging our expertise in identity security, we have created a solution that eliminates the learning curve and equips security teams with actionable insights. In a landscape where attacks on identity flows are becoming increasingly sophisticated, Security Centre revolutionises the way security professionals can combat identity threats. With the power of Okta Customer Identity Cloud security insights, CISOs, security operations professionals, and Identity teams can now swiftly detect and respond to potential incidents. Security Centre provides a streamlined view of the authentication event, threat response efficacy, and potential incidents, empowering organisations to optimise their security posture without impacting the bottom line,” says Phil Goldie, vice president and managing director of Okta ANZ. 

Security Centre leverages Okta Customer Identity Cloud security insights and provides a faster way to detect and respond to identity threats.

"Accurate detection alone doesn't ensure threat response is appropriate to the level of risk, given other business objectives like customer acquisition, retention, and growth," says Jameeka Aaron, Chief Information Security Officer, Customer Identity at Okta. "As attacks against identity flows get more sophisticated and evolve to bypass detection, security teams often have to go through a learning curve on their own production environments, which can mean delayed detection of attacks and consequent business losses. Security Centre leverages our focused expertise in identity security and packages it in a way that security operations professionals can understand and take action."

Account takeover attacks targeting everything from sensitive healthcare data to loyalty points are among the most common and costly cyber threats. Verizon's 2022 Data Breach Investigations Report (DBIR) found that 80% of corporate breaches involve compromised identity solutions. 

“Security Centre takes the work out of building your own tooling to identify and be able to respond to identity threats in a timely manner. Customers can understand their identity security landscape with a summary visualisation of major attack types, authentication events, and threat monitoring,” says Aaron. 

“Security Centre also allows companies to measure user experience impacts of attack protection features. Consumer-facing apps must balance security with user experience by minimising friction while maintaining appropriate protection against identity attacks. Security Centre shows app owners in near-real time UX effects of defence tactics, allowing them to adjust security and friction as relevant to their situation. Companies can fine-tune their attack protection strategy by seeing in near real-time how defence tactics like MFA, rate limiting, and CAPTCHA affect their applications. Security Centre is available for all Enterprise customers.”

Okta's customers in ANZ include Coles, ANZ Internet Banking Australia, REA Group, Flinders University, AIA, Oxfam, News Corp, and Xero.