Monique Adlerborn
Global Operations CISO, Orange Cyberdefense Sweden
In today's hybrid world, cyber threats have shifted focus - people have become the new frontline. As cybercriminals target identities instead of networks, cybersecurity must evolve. A robust approach rooted in identity management, Zero Trust principles, and enhanced visibility is essential for safeguarding our digital future.
The cyber threat landscape has radically transformed in recent years. What used to be a battle at the network edge has now become a fight to protect the identities of employees, partners, and customers. As we embrace hybrid work environments, the traditional concept of securing networks with firewalls and VPNs has lost its effectiveness. Cybercriminals no longer need to breach an entire organization’s defenses - they just need to compromise one person’s identity. This shift in focus marks a new era in cybersecurity: people are now the perimeter.
Monique Adlerborn, Global Operations CISO at Orange Cyberdefense, aptly explains this phenomenon:
“As the traditional network perimeter dissolves with the increasing prevalence of remote work, cloud services, and mobile devices, people have emerged as the new frontline in cybersecurity. This shift underscores the importance of recognizing that employees, customers, and partners are now integral to an organization's defense.”
With remote work becoming the new normal and cloud services booming, protecting identities and ensuring visibility into who accesses what becomes paramount.
Cybercriminals have learned that the easiest way into an organization is through its people. Identity theft and credential-based attacks are skyrocketing, making identity management the cornerstone of modern cybersecurity. Grant Paling, Product Director at Orange Cyberdefense Group, offers insight into this shift:
“Peoples’ identity is the new security perimeter because the network isn't a safe point anymore. If you have control of the right identity, you can move into a compute instance. And if you can move into an instance that has control over another identity, you can move to whatever that identity does.”
In other words, identity is the gateway to sensitive information and systems. Once compromised, it can lead to widespread damage, allowing attackers to move laterally within an organization, often undetected.
To effectively counter these threats, organizations are adopting a Zero Trust security model. Zero Trust operates on the principle that no one, whether inside or outside the organization, should be trusted by default. Every user and device attempting to access resources must be verified, authenticated, and monitored.
Zero Trust fundamentally reshapes how cybersecurity functions. Instead of relying on a solid outer defense, it focuses on securing identities, devices, and access points from within. Identity Management becomes a core part of this approach, enabling organizations to control who accesses their networks, applications, and data.
Monique Adlerborn elaborates on the need for layered defenses to protect people:
“To protect them, organizations implement multi-factor authentication (MFA), role-based access controls, secure endpoint devices, and other advanced measures. Regular security awareness training empowers individuals to recognize threats such as phishing, while behavioral monitoring detects anomalous activities that may indicate a breach.”
From MFA to endpoint security, the idea is simple: trust no one, verify everyone.
As the perimeter shifts to focus on people, it's clear that cybersecurity is no longer the sole responsibility of IT teams. Everyone has a role to play. From using strong passwords and enabling MFA to staying vigilant against phishing scams, everyone in an organization becomes part of the security apparatus.
Monique Adlerborn emphasizes this point:
“In the modern digital landscape, cybersecurity is a shared responsibility. Protect yourself by taking proactive steps: use strong, unique passwords, enable MFA, and avoid engaging with suspicious links or attachments. Exercise caution when using public Wi-Fi, keep software regularly updated, and ensure important data is backed up.”
This collective responsibility extends beyond just the workplace. In our personal lives, adopting secure practices can help prevent identity theft and data breaches, which are now among the most common forms of cybercrime.
Achieving robust security in today’s hybrid world requires transparency and visibility. Organizations need to know exactly who is accessing their systems, from where, and when. By tracking and monitoring access, they can detect and respond to threats in real-time.
Incorporating advanced visibility tools helps organizations gain insights into user behavior, device activity, and system vulnerabilities. This visibility, combined with Zero Trust principles, ensures that access is continuously authenticated and authorized, reducing the likelihood of an attack.
Monique Adlerborn sums it up best:
“Prioritizing the security of people is key to strengthening cybersecurity in today's decentralized digital environment.”
The days of relying on perimeter-based security models are long gone. In today’s highly connected and decentralized world, people are the new perimeter, and identity is the main attack surface.
The only way to effectively safeguard our digital lives is by adopting a people-first approach to cybersecurity - one that combines identity management, Zero Trust principles, and comprehensive visibility.
By doing so, we can protect not just our networks, but our most valuable assets: the people who use them.