Our cyber security journey started with strong identity and access management foundations. The world is changing, driven by the economics of cloud, the productivity of new collaboration technologies, and with the menace of cyber crime encroaching on our personal and working lives. As an organisation, we’ve had to evolve to meet the latest demands of our customers.
THE FUTURE IS HERE… AND IT’S IDENTITY-DRIVEN SECURITY
We’ve been on a journey over the last few years, building and developing our identity-driven security business.
Market demands and an evolution of thinking towards security mean that we’ve arrived at our destination sooner than we thought.
A whole host of very public fails, and the impending increased responsibility and financial impact of GDPR, combined with the public’s perception of organisations’ data security is fuelling the awareness and demand for improved cyber security.
The good news is we’ve been planning and preparing for this, and have been enjoying excellent support from Microsoft as they wrap security and mobility solutions and technologies around the Azure AD cloud identity service.
We are also seeing a shift in demand, with identity being driven by security and governance, rather than just by efficiency and agility, which was the case in the past.
Our foundations of identity are also the foundations of secure productive working.
Gartner’s IAM Summit
Earl Perkins spoke about cyber security trends at an identity and access management conference!
I was at Gartner’s IAM Summit a few weeks ago where there was a noticeable shift. Security, identity, access and governance were all together.
It’s clear that identity and access are key, and expand far beyond people, through to managing data and devices. Earl encouraged us to think about managing risk while providing resilience and usability.
A big takeaway for me: we should spend more on detection and prediction, rather than just prevention, as the evolving bad people will get in.
Identity, mobility and good security
In preparation for this shift, driven by market needs, we have developed three symbiotic practices of Identity, Mobility and Cyber Security.
Our identity practice has expanded beyond employees, and now incorporates customer identity and access management (CIAM), for both B2C and B2B demands. So, for employees and customers, we deliver all the good things of managing and controlling access; proving identity, integrating identity stores, securing data and services, and expanding into governance.
Enterprise mobility has expanded to include more security components for protecting people, securing endpoints and protecting data in a world shifting from the traditional security perimeter to enabling mobile working practices.
Finally, good security requires policy and governance, to define the rules of how we should work, and how we educate, prepare and empower the most important component in a security mode: the people using it and working within it. It also helps us define what technology to deploy and how we would like it to work.
Introducing Geraint Jones…
With that in mind, we have brought in expertise to help develop our Cyber Security practice. Geraint Jones started with OCG a few months ago as Head of Cyber Security.
We first met over 10 years ago when Geraint was at Gemalto. In those 10 years, we have been working towards identity-driven security, and Geraint has been working on developing programmes of change around cyber security.
It’s clear that GDPR has provided a focus and is making people think. Now security is key to the success of our customers as they use the cloud, become mobile, share more and work with other parties. Our customers expect more from us. They want solutions with security baked in.
Recently, we were with Microsoft in the US planning the next wave of security services and solutions, and look forward to telling you all about it in our upcoming roundtables and webinars.
Binge-watching Mr. Robot
At the Gartner IAM Summit, I saw a presentation by Misha Glenny, a British journalist who specialises in global organised crime and cybersecurity. It really opened my eyes to the changing world of crime and security.
The outcome of his session was that I bought lots of copies of ‘DarkMarket’ and binge-watched Mr Robot through the weekend.
Watch our GDPR webinar to find out how much of an impact new compliance requirements and financial penalties will have on your company’s cyber defence strategy.
If you’d like to find out how prepared your organisation is to defend itself against an attack, answer 7 short questions in our online Cyber Security Assessment.
It will only take a couple of minutes, and you will receive a tailored report with recommendations and actions for improvement.Take Cyber Security Assessment