Palo Alto Networks also cautions about the emergence of new threats against identity and access management in the cloud ecosystem that is rapidly growing in the Philippines.

Identity and access management (IAM) has become a primary cybersecurity concern as adoption of the cloud gains momentum in the Philippines. According to the research conducted by Palo Alto Networks through its threat intelligence unit, Unit 42, high-impact cloud breaches have increased by 235 percent, and adversaries are increasingly targeting IAM systems to achieve authorizing access through stolen credentials.

IAM token abuse has increased tenfold, according to Philippa Cogswell, the managing partner of Asia-Pacific and Japan at Palo Alto Networks. The current trend is that threat actors, instead of hacking in, now log in using valid IAM tokens and can elevate the privileges, bypass, and get inside with no detection.

IAM systems, once regarded as security barriers, have now become desirable targets. Some of the IAM policies that Cogswell focused on tightening include restricting access, casting out credential expiration, and auditing the permissions on a regular basis.

An unusual increase in the number of warnings of unfeasible journeys and bizarre reservation behavior, such as massive data downloading, is also reflecting growing levels of identity-based threats.

Cogswell asked companies to move along with behavior-based monitoring and merge IAM strategies among the IT, DevOps, and security teams. Advanced IAM tools play a critical role in protecting the new cloud perimeter, which is identity.