Vol. 3 No. 1 (2023): African Journal of Artificial Intelligence and Sustainable Development
Articles

The role of IAM in preventing cyberattacks

PDF
  • Sairamesh Konidala,
  • Jeevan Manda,
  • Kishore Gade
Sairamesh Konidala
Vice President at JPMorgan & Chase, USA
Jeevan Manda
Project Manager at Metanoia Solutions Inc, USA
Kishore Gade
Vice President, Lead Software Engineer at JP Morgan Chase, USA
Cover

Published 07-02-2023

Keywords

  • Identity and Access Management,
  • Cybersecurity
Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

How to Cite

[1]
Sairamesh Konidala, Jeevan Manda, and Kishore Gade, “The role of IAM in preventing cyberattacks ”, African J. of Artificial Int. and Sust. Dev., vol. 3, no. 1, pp. 538–560, Feb. 2023, Accessed: Dec. 28, 2024. [Online]. Available: https://africansciencegroup.com/index.php/AJAISD/article/view/231

Abstract

Identity and Access Management (IAM) is a cornerstone of modern cybersecurity, playing an indispensable role in preventing cyberattacks by ensuring that only authorized individuals can access sensitive systems, data, and applications. It combines technologies, processes, and policies to verify identities, enforce access controls, and monitor user activities, mitigating risks associated with external attackers and insider threats. Critical components of IAM, such as role-based access control (RBAC), multi-factor authentication (MFA), and privileged access management (PAM), create layered defenses that significantly reduce the attack surface. RBAC ensures users have access strictly based on their job responsibilities, adhering to the principle of least privilege. At the same time, MFA adds an extra layer of security by requiring multiple forms of verification before granting access. PAM provides additional protection by managing and auditing privileged accounts, often prime targets for cybercriminals. IAM is equally crucial for regulatory compliance, helping organizations meet the stringent requirements of standards such as GDPR, HIPAA, and SOX, which mandate the protection of sensitive data and detailed access auditing. Real-world examples highlight IAM’s effectiveness, such as its role in minimizing the impact of phishing attacks by implementing MFA to protect user accounts or preventing data exfiltration through automated anomaly detection and alerts for unusual access patterns. IAM systems also support remote work environments by enabling secure and seamless access to enterprise resources while reducing the risk of unauthorized access in distributed settings. Additionally, IAM solutions facilitate identity lifecycle management, automating user onboarding and offboarding processes to ensure accounts are created and terminated in alignment with organizational policies, reducing the risk of exploited dormant accounts. By integrating IAM into broader security frameworks, organizations can adopt a proactive approach to cyber defense, leveraging advanced analytics to detect threats in real time and applying policy-based controls to neutralize potential risks swiftly.

PDF

Downloads

Download data is not yet available.

References

  1. Balan, M. (2022). AI-Powered IAM and Threat Intelligence: Safeguarding Patient Data in the Age of Cybersecurity Breaches.
  2. Syed, F. M., & ES, F. K. (2020). IAM for Cyber Resilience: Protecting Healthcare Data from Advanced Persistent Threats. International Journal of Advanced Engineering Technologies and Innovations, 1(2), 153-183.
  3. Harvey, W. (2022). AI and IAM: Revolutionizing Ransomware Defense Strategies for Healthcare Organizations.
  4. Hussain, A. (2020). Preventing Data Breaches in Healthcare: The Impact of AI-Driven Identity Access Management.
  5. Rehman, N. (2021). Advanced IAM Analytics for Mitigating Cybersecurity Risks in Pharmaceutical Operations.
  6. Süzen, A. A. (2020). A risk-assessment of cyber attacks and defense strategies in industry 4.0 ecosystem. International Journal of Computer Network and Information Security, 14(1), 1.
  7. Shaik, M. (2018). Reimagining Digital Identity: A Comparative Analysis of Advanced Identity Access Management (IAM) Frameworks Leveraging Blockchain Technology for Enhanced Security, Decentralized Authentication, and Trust-Centric Ecosystems. Distributed Learning and Broad Applications in Scientific Research, 4, 1-22.
  8. Trim, P. R., & Lee, Y. I. (2021). The global cyber security model: counteracting cyber attacks through a resilient partnership arrangement. Big Data and Cognitive Computing, 5(3), 32.
  9. Sadhu, A. K. R. (2021). Reimagining Digital Identity Management: A Critical Review of Blockchain-Based Identity and Access Management (IAM) Systems-Architectures, Security Mechanisms, and Industry-Specific Applications. Advances in Deep Learning Techniques, 1(2), 1-22.
  10. Alhayani, B., Abbas, S. T., Khutar, D. Z., & Mohammed, H. J. (2021). Best ways computation intelligent of face cyber attacks. Materials Today: Proceedings, 26-31.
  11. Sani, A. S., Yuan, D., Yeoh, P. L., Qiu, J., Bao, W., Vucetic, B., & Dong, Z. Y. (2019, August). CyRA: A real-time risk-based security assessment framework for cyber attacks prevention in industrial control systems. In 2019 IEEE Power & Energy Society General Meeting (PESGM) (pp. 1-5). IEEE.
  12. Kim, B. I., Im, C. T., & Jung, H. C. (2011). Suspicious malicious web site detection with strength analysis of a javascript obfuscation. International Journal of Advanced Science and Technology, 26, 19-32.
  13. Mohammed, I. A. (2017). Systematic review of identity access management in information security. International Journal of Innovations in Engineering Research and Technology, 4(7), 1-7.
  14. Chapman, I. M., Leblanc, S. P., & Partington, A. (2011, April). Taxonomy of cyber attacks and simulation of their effects. In Proceedings of the 2011 Military Modeling & Simulation Symposium (pp. 73-80).
  15. Malik, S., & Sun, W. (2020, February). Analysis and simulation of cyber attacks against connected and autonomous vehicles. In 2020 international conference on connected and autonomous driving (MetroCAD) (pp. 62-70). IEEE.
  16. Gade, K. R. (2022). Data Catalogs: The Central Hub for Data Discovery and Governance. Innovative Computer Sciences Journal, 8(1).
  17. Gade, K. R. (2022). Data Lakehouses: Combining the Best of Data Lakes and Data Warehouses. Journal of Computational Innovation, 2(1).
  18. Boda, V. V. R., & Immaneni, J. (2022). Optimizing CI/CD in Healthcare: Tried and True Techniques. Innovative Computer Sciences Journal, 8(1).
  19. Immaneni, J. (2022). End-to-End MLOps in Financial Services: Resilient Machine Learning with Kubernetes. Journal of Computational Innovation, 2(1).
  20. Nookala, G., Gade, K. R., Dulam, N., & Thumburu, S. K. R. (2022). The Shift Towards Distributed Data Architectures in Cloud Environments. Innovative Computer Sciences Journal, 8(1).
  21. Nookala, G. (2022). Improving Business Intelligence through Agile Data Modeling: A Case Study. Journal of Computational Innovation, 2(1).
  22. Katari, A., Ankam, M., & Shankar, R. Data Versioning and Time Travel In Delta Lake for Financial Services: Use Cases and Implementation.
  23. Katari, A. (2022). Performance Optimization in Delta Lake for Financial Data: Techniques and Best Practices. MZ Computing Journal, 3(2).
  24. Komandla, V. Enhancing Product Development through Continuous Feedback Integration “Vineela Komandla”.
  25. Komandla, V. Enhancing Security and Growth: Evaluating Password Vault Solutions for Fintech Companies.
  26. Thumburu, S. K. R. (2022). Post-Migration Analysis: Ensuring EDI System Performance. Journal of Innovative Technologies, 5(1).
  27. Thumburu, S. K. R. (2022). Scalable EDI Solutions: Best Practices for Large Enterprises. Innovative Engineering Sciences Journal, 2(1).
  28. Gade, K. R. (2021). Data-Driven Decision Making in a Complex World. Journal of Computational Innovation, 1(1).
  29. Immaneni, J. (2021). Using Swarm Intelligence and Graph Databases for Real-Time Fraud Detection. Journal of Computational Innovation, 1(1).
  30. Nookala, G., Gade, K. R., Dulam, N., & Thumburu, S. K. R. (2020). Automating ETL Processes in Modern Cloud Data Warehouses Using AI. MZ Computing Journal, 1(2).
  31. Babulal Shaik. Automating Compliance in Amazon EKS Clusters With Custom Policies . Journal of Artificial Intelligence Research and Applications, vol. 1, no. 1, Jan. 2021, pp. 587-10
  32. Babulal Shaik. Developing Predictive Autoscaling Algorithms for Variable Traffic Patterns . Journal of Bioinformatics and Artificial Intelligence, vol. 1, no. 2, July 2021, pp. 71-90
  33. Babulal Shaik, et al. Automating Zero-Downtime Deployments in Kubernetes on Amazon EKS . Journal of AI-Assisted Scientific Discovery, vol. 1, no. 2, Oct. 2021, pp. 355-77
  34. Muneer Ahmed Salamkar. Batch Vs. Stream Processing: In-Depth Comparison of Technologies, With Insights on Selecting the Right Approach for Specific Use Cases. Distributed Learning and Broad Applications in Scientific Research, vol. 6, Feb. 2020
  35. Muneer Ahmed Salamkar, and Karthik Allam. Data Integration Techniques: Exploring Tools and Methodologies for Harmonizing Data across Diverse Systems and Sources. Distributed Learning and Broad Applications in Scientific Research, vol. 6, June 2020
  36. Muneer Ahmed Salamkar, et al. The Big Data Ecosystem: An Overview of Critical Technologies Like Hadoop, Spark, and Their Roles in Data Processing Landscapes. Journal of AI-Assisted Scientific Discovery, vol. 1, no. 2, Sept. 2021, pp. 355-77
  37. Muneer Ahmed Salamkar. Scalable Data Architectures: Key Principles for Building Systems That Efficiently Manage Growing Data Volumes and Complexity. Journal of AI-Assisted Scientific Discovery, vol. 1, no. 1, Jan. 2021, pp. 251-70
  38. Muneer Ahmed Salamkar, and Jayaram Immaneni. Automated Data Pipeline Creation: Leveraging ML Algorithms to Design and Optimize Data Pipelines. Journal of AI-Assisted Scientific Discovery, vol. 1, no. 1, June 2021, pp. 230-5
  39. Naresh Dulam, et al. “Serverless AI: Building Scalable AI Applications Without Infrastructure Overhead ”. Journal of AI-Assisted Scientific Discovery, vol. 2, no. 1, May 2021, pp. 519-42
  40. Naresh Dulam, et al. “Data Mesh Best Practices: Governance, Domains, and Data Products”. Australian Journal of Machine Learning Research & Applications, vol. 2, no. 1, May 2022, pp. 524-47
  41. Naresh Dulam, et al. “Apache Iceberg 1.0: The Future of Table Formats in Data Lakes”. Journal of AI-Assisted Scientific Discovery, vol. 2, no. 1, Feb. 2022, pp. 519-42
  42. Naresh Dulam, et al. “Kubernetes at the Edge: Enabling AI and Big Data Workloads in Remote Locations”. Journal of AI-Assisted Scientific Discovery, vol. 2, no. 2, Oct. 2022, pp. 251-77
  43. Naresh Dulam, et al. “Data Mesh and Data Governance: Finding the Balance”. Journal of AI-Assisted Scientific Discovery, vol. 2, no. 2, Dec. 2022, pp. 226-50
  44. Sarbaree Mishra. “A Reinforcement Learning Approach for Training Complex Decision Making Models”. Journal of AI-Assisted Scientific Discovery, vol. 2, no. 2, July 2022, pp. 329-52
  45. Sarbaree Mishra, et al. “Leveraging in-Memory Computing for Speeding up Apache Spark and Hadoop Distributed Data Processing”. Journal of AI-Assisted Scientific Discovery, vol. 2, no. 2, Sept. 2022, pp. 304-28
  46. Sarbaree Mishra. “Comparing Apache Iceberg and Databricks in Building Data Lakes and Mesh Architectures”. Journal of AI-Assisted Scientific Discovery, vol. 2, no. 2, Nov. 2022, pp. 278-03
  47. Sarbaree Mishra. “Reducing Points of Failure - a Hybrid and Multi-Cloud Deployment Strategy With Snowflake”. Journal of AI-Assisted Scientific Discovery, vol. 2, no. 1, Jan. 2022, pp. 568-95
  48. Sarbaree Mishra, et al. “A Domain Driven Data Architecture for Data Governance Strategies in the Enterprise”. Journal of AI-Assisted Scientific Discovery, vol. 2, no. 1, Apr. 2022, pp. 543-67

Similar Articles

You may also start an advanced similarity search for this article.