Companies want to achieve a specific security outcome: spot threats and stop them before they cause harm. However, this task is becoming increasingly challenging. According to Forrester, the evolving nature of IT threats is the most common challenge cited by security decision makers.
Red Canary has detected a notable increase in cloud and identity-specific attack techniques in the past year, with T1218.004: Cloud Accounts rising from relative historical obscurity in our MITRE ATT&CK technique rankings to the fourth most prevalent such technique in the first six months of 2023. Your logical next move is clear: ensure you have visibility into your user (and especially admin) accounts and have the ability to sort through events and alerts to identify threats stemming from suspicious logins or user behavior.