Elevating SaaS Security with NIST CSF and Agentic AI

by CybrGPT

In the race to innovate, many organizations are inadvertently creating critical security vulnerabilities by misconfiguring their SaaS environments, especially with the rise of agentic AI. The way we use software is evolving rapidly, with most organizations moving onto Software as a Service (SaaS) platforms to run their business, and (sometimes too) rapidly deploying agentic AI use cases.

The flexibility of SaaS platforms has businesses rushing to adopt new features without thinking about — let alone implementing — essential security best practices. A lack of planning can create a critical gap, potentially exposing valuable corporate data to unnecessary risk. How do we strike the right balance between rapid innovation and maintaining airtight security in a SaaS-first, AI-driven landscape?

First, it is vital for Information Security (InfoSec) professionals and those managing SaaS solutions to work together to implement effective security practices. Although the NIST Cybersecurity Framework (CSF) is well known within InfoSec teams, SaaS teams may have never encountered it before. The CSF establishes a set of cybersecurity outcomes arranged in categories serving six main functions: Govern, Identify, Protect, Detect, Respond, and Recover.

This article is part of a series focused on closing the gap between InfoSec and SaaS platforms. The first article in this ‘Bridging the InfoSec ↔ SaaS Divide’ series dealt with how InfoSec professionals need to think differently to protect SaaS systems. Now it is time to consider how SaaS administrators should be more mindful of InfoSec principles and how they can apply these to their platforms. Let’s explore how applying standard security controls can significantly strengthen data protection in your SaaS environment.

Setting the Foundation: Security Governance

At the highest level, most organizations already have internal governance committees and processes to assess and manage risk associated with third-party service providers. This includes risk related to both SaaS applications and now, agentic AI applications. Governance provides necessary executive oversight, but it must also include a practical appreciation for the security considerations and challenges specific to SaaS.

To ensure risk-based decisions are informed by real-world experience and that policies can be practically implemented, it’s crucial that committees involving both InfoSec and SaaS align throughout the governance lifecycle. Corresponding to the Govern function of the NIST CSF, this approach specifically focuses on Cybersecurity Supply Chain Risk Management.

Current Focus: Identity and Access Management (IAM)

When securing SaaS systems, InfoSec teams and CISOs primarily focus on Identity and Access Management (IAM). A comprehensive IAM strategy is a key component of the Protect function in the CSF, organized under the Identity Management, Authentication, and Access Control category. In SaaS, the greatest IAM challenge is managing the accounts that have powerful privileges. Valuable lessons learned from the field include:

  • Implement Just-in-Time Privilege Management: Wherever possible, eliminate “always-on” or “standing” admin privileges. Privileges should be elevated only when needed, for specific applications and tasks, and then automatically reverted.
  • Distribute Privileges: Distribute specific administrative privileges based on the task required, rather than granting all administrators every privilege.
  • Secure Emergency Accounts: Implement extra precautions for emergency “break glass” administration accounts, such as hardware tokens, password rotation, and IP restrictions. There should be a process to periodically test this precaution to ensure it is exercisable at the time of need (the emergency should not be the time to find out that the password has expired).
  • Control App Integrations: Use a dedicated account for each third-party app integration and apply suitable security restrictions, such as certificates and IP restrictions. These accounts often require powerful permissions, which must be closely controlled, monitored, and regularly reviewed for applicability after installation.

Prioritizing SaaS Security: Configuration Management

Another high-priority area for CISOs and InfoSec teams is SaaS configuration management, which is also part of the CSF Protect function under Platform Security. This focus is necessary because the majority of cloud security incidents stem from avoidable misconfigurations.

Organizations must establish and implement secure configuration baselines, moving past the misconception that security is entirely the vendor’s responsibility. Tools that centralize management across multiple SaaS platforms can help maintain visibility into critical settings. However, no single security tool solves all SaaS configuration concerns; a combination of multi-SaaS solutions, on-platform security tools, and human expertise is required for a layered, defense-in-depth approach.

SaaS security is not a “set it and forget it” task – it requires continuous monitoring for unauthorized or accidental changes that cause the configuration to drift from the secure baseline. Agentic AI can now be used to monitor and maintain these configurations at speed and scale, automatically detecting drift and resolving over-permissioning issues.
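The drift check described above can be reduced to comparing an exported settings snapshot against rules in the secure baseline. This is an added example, not code from the article; the setting names, rule types and values are hypothetical and do not follow any vendor's schema.

```python
# Secure baseline (constructed). Setting names are hypothetical, not a vendor schema.
BASELINE = {
    "auth.mfa_required": {"equals": True},
    "session.timeout_minutes": {"max": 30},
    "sharing.external_default": {"equals": "disabled"},
    "api.ip_allowlist": {"subset_of": {"203.0.113.0/24", "198.51.100.0/24"}},
    "roles.with_export_permission": {"subset_of": {"DataSteward", "SecurityAdmin"}},
}

# Current settings as exported from the platform (constructed sample).
SNAPSHOT = {
    "auth.mfa_required": True,
    "session.timeout_minutes": 480,
    "sharing.external_default": "disabled",
    "api.ip_allowlist": ["203.0.113.0/24", "0.0.0.0/0"],
    "roles.with_export_permission": ["DataSteward", "SecurityAdmin", "Marketing"],
}

def violation(rule, value):
    """Return a reason string if value breaks the rule, otherwise None."""
    if "equals" in rule and value != rule["equals"]:
        return f"expected {rule['equals']!r}, found {value!r}"
    if "max" in rule and value > rule["max"]:
        return f"{value} exceeds maximum {rule['max']}"
    if "subset_of" in rule:
        extra = sorted(set(value) - rule["subset_of"])
        if extra:
            return f"entries outside baseline: {extra}"
    return None

def detect_drift(baseline, snapshot):
    """Map each drifted setting to the reason it no longer meets the baseline."""
    findings = {}
    for name, rule in baseline.items():
        if name not in snapshot:
            # A setting that cannot be read is reported, not assumed compliant.
            findings[name] = "setting missing from snapshot"
            continue
        reason = violation(rule, snapshot[name])
        if reason:
            findings[name] = reason
    return findings

if __name__ == "__main__":
    for name, reason in detect_drift(BASELINE, SNAPSHOT).items():
        print(f"DRIFT {name}: {reason}")
```

The `subset_of` rule is what surfaces over-permissioning: any role or network range granted beyond the baseline set is reported by name.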

The “Soft Center”: Robust SaaS Data Security

Configuration management and IAM alone can create an “M&M approach” to security — a hard shell but a soft center. If an API key or legitimate user account is compromised, malicious attackers can bypass the shell and potentially exfiltrate sensitive information. Robust data security requires a combination of governance, identification, protection, and recovery elements articulated in the CSF.

To secure a SaaS environment, organizations must effectively implement data handling policies that precisely identify and safeguard the most valuable information, commonly referred to as data classification. Without adequate classification, sensitive information may not receive adequate data-at-rest protection, such as restricted access and field-level encryption. Additionally, SaaS data may not be appropriately masked in development or test environments.

Automated data masking techniques prevent real production data from being exposed in development and test environments, which typically have a lower level of security and more third-party contractors with access. If it is necessary to have Personally Identifiable Information (PII) in development and test environments, those environments must be managed and controlled with the same rigor as production, as this data is still subject to data privacy regulations. Again, this data classification process needs to be repeated periodically to account for regulatory, data policy, and administrative practices that could inadvertently expose data.
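Classification-driven masking when seeding a development or test environment could look like the following. This is an added example, not code from the article; the field names, classification labels and the keyed-pseudonym scheme are assumptions chosen for illustration.

```python
import hashlib
import hmac

# Hypothetical classification map for an HR object; field names are constructed.
CLASSIFICATION = {
    "employee_id": "internal",
    "department": "public",
    "email": "pii",
    "full_name": "pii",
    "accommodation_notes": "phi",
}

def pseudonym(key: bytes, field: str, value: str) -> str:
    """Keyed, deterministic token: equal inputs give equal tokens, so joins
    across seeded tables still work, but the value cannot be read back."""
    digest = hmac.new(key, f"{field}:{value}".encode(), hashlib.sha256).hexdigest()
    return f"{field}_{digest[:12]}"

def mask_record(record: dict, key: bytes) -> dict:
    """Return a copy of record that is safe to seed into dev/test."""
    masked = {}
    for field, value in record.items():
        label = CLASSIFICATION.get(field)
        if label in ("public", "internal"):
            masked[field] = value
        elif label == "pii":
            masked[field] = pseudonym(key, field, str(value))
        else:
            # PHI, and any field nobody has classified yet, is never copied.
            masked[field] = "[REDACTED]"
    return masked

if __name__ == "__main__":
    # Constructed sample row. The key stays with the seeding job and is
    # not stored in the development or test environment.
    row = {"employee_id": 1042, "department": "Finance",
           "email": "a.lee@example.com", "full_name": "A. Lee",
           "accommodation_notes": "constructed note", "badge_pin": "0000"}
    print(mask_record(row, b"constructed-seeding-key"))
```

Redacting unclassified fields by default means a newly added column stays out of lower environments until someone classifies it, which is why the classification review has to be repeated.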

Strong SaaS security also involves maintaining the integrity and availability of data in the environment. As discussed in the previous article in this series, while protecting technology infrastructure resilience is the responsibility of the SaaS provider, the need for data-layer protection is articulated in the CSF as “Backups of data are created, protected, maintained, and tested.” Using SaaS data backups to precisely resolve problems and roll forward without shutting down the system is essential to achieve the CSF’s Recover function. SaaS owners need to inform InfoSec and the risk committee how this approach is different from the traditional enterprise IT requirements of rolling back to a prior state. Robust SaaS data resilience enables secure innovation, which is especially crucial for agentic AI applications to have reliable information and privacy protection.

Watching for Threats: Continuous Monitoring

To cover the CSF’s Continuous Monitoring category, organizations need a comprehensive strategy for monitoring SaaS systems, which is a shared responsibility between vendors, SaaS administrators, and InfoSec teams.

The current InfoSec focus on IAM extends to monitoring of SaaS, with the most attention being given to authentication activities. However, InfoSec teams often lack the training needed to understand and correlate SaaS logs, or to understand how the SaaS systems function, in order to detect threats like suspicious connected app activity or high-risk permission assignments.

Since most interactions with SaaS systems use API calls, security monitoring must include API events. An unexpected spike in API activity and sharing with external entities are potential red flags for data exfiltration that require urgent investigation. As a rule, any logging that shows data being exported from the environment should be carefully monitored and thoroughly validated.
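The red flags named above (an API spike, data export, external sharing) can be expressed as detection logic over hourly API event summaries. This is an added example, not code from the article; the event fields, account names and thresholds are constructed assumptions, not any platform's log format.

```python
from collections import defaultdict
from statistics import median

# Constructed hourly summaries:
# (hour, account, api_calls, records_exported, shared_externally)
EVENTS = [
    ("2024-05-01T09", "svc-crm-sync", 120, 0, False),
    ("2024-05-01T10", "svc-crm-sync", 135, 0, False),
    ("2024-05-01T11", "svc-crm-sync", 110, 0, False),
    ("2024-05-01T12", "svc-crm-sync", 128, 0, False),
    ("2024-05-01T13", "svc-crm-sync", 2400, 18000, False),
    ("2024-05-01T09", "jdoe", 14, 0, False),
    ("2024-05-01T10", "jdoe", 9, 0, False),
    ("2024-05-01T11", "jdoe", 12, 0, True),
    ("2024-05-01T12", "jdoe", 11, 0, False),
]

def find_red_flags(events, spike_factor=5, min_history=3, export_limit=1000):
    """Return (hour, account, reason) alerts in time order.

    Each account is compared with its own history, so a busy integration
    account and a quiet human user get different baselines.
    """
    history = defaultdict(list)
    alerts = []
    for hour, account, calls, exported, external in sorted(events):
        past = history[account]
        if len(past) >= min_history and calls > spike_factor * median(past):
            alerts.append((hour, account, "api_spike"))
        else:
            # Spiking hours are kept out of the baseline so that a slow
            # ramp-up cannot raise the threshold unnoticed.
            past.append(calls)
        if exported > export_limit:
            alerts.append((hour, account, "bulk_export"))
        if external:
            alerts.append((hour, account, "external_share"))
    return alerts

if __name__ == "__main__":
    for alert in find_red_flags(EVENTS):
        print(alert)
```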

Monitoring can be performed at an enterprise level by InfoSec and by SaaS teams using on-platform analytics dashboards. Both teams working together helps refine alerting and fill gaps. For instance, real-time SaaS security events require configuration for enterprise-level monitoring and may incur additional costs. Real-time response capabilities can be customized on the platform to automatically block unauthorized events, enabling SaaS data loss prevention. This customization can focus on protecting information labelled as sensitive, leveraging data classification. Agentic AI can also help automate threat monitoring operations to keep pace with the increasing scale and sophistication of cyberattacks.

Achieving a Unified Security Posture

Protecting SaaS goes beyond just checking the boxes of basic security. Achieving more secure and resilient systems means building a unified security posture across all functions of the NIST CSF:

  • Governing SaaS applications effectively
  • Identifying and protecting powerful user accounts
  • Managing secure configurations and detecting drift
  • Classifying, encrypting, and masking sensitive data
  • Monitoring all platform and API activity
  • Responding to policy violations in real-time
  • Testing readiness to recover data from backup

A real-world example illustrates how these components work together to enhance SaaS security. An audit of HR data found that employee medical accommodation notes were not properly secured. Immediate action was taken:

  • Identify/Govern: The fields were classified as Personal Health Information (PHI).
  • Protect (Data Security): An additional layer of encryption was applied to these fields.
  • Protect (IAM): Access to these fields was reduced from 23 roles down to three.
  • Protect/Respond (Configuration/DLP): Automated real-time policy rules were configured to block unauthorized access and exfiltration.
  • Protect (Secure Development): These fields are automatically masked when data is seeded into development and test environments.
  • Detect/Govern: Access and alteration audit records are reviewed quarterly to ensure the integrity and confidentiality of the fields.
  • Protect/Recover: The ability to restore just these fields from backup is tested quarterly.

Specialized tools, methodologies like DevSecOps for SaaS, and a clear understanding of the shared responsibility model are essential for reducing risk and enabling innovation, especially as we integrate new technologies like agentic AI applications.

What steps are you taking to bridge the InfoSec ↔ SaaS divide?
