Ground Control to Major CRO: Is Identity Governance a risky experience?
- LANGUAGE: English DATE: Tuesday, June 02, 2015 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
In today’s fast changing world the digitalization of businesses is essential to keep pace. The new ABC – Agile Businesses Connected – is the new paradigm organizations must follow. They must connect to their customers, partners and associates. They must become agile to respond to the changing needs of the market. They must understand, manage, and mitigate the risks in this connected world. One important aspect of this is the governance of the ever-increasing number of identities – customers, things, together with their access.
Every access right is a potential risk and the greater the number of users, the larger the number of access rights, the higher the access risk. The objective of risk management is to reduce the business impact of a risk or the probability that it will occur. Both of these dimensions are very difficult to define and measure, in addition many technical controls are hard to relate to business objectives. In practice, access risk can be considered to be a combination of factors that can be used as key performance indicators associated with business groups, processes and applications to visualize how business risk changes over time in response to the implementation of policies and controls.
In this KuppingerCole Webinar, you will hear about:
- How the digitization of business is changing the risk landscape.
- Why identity governance is critical to managing these new risks – access is the new security perimeter.
- Why a business centric approach is needed – moving from entitlements to business activities.
- How identity governance reduces the cost of compliance as well as improving security posture.
In the first part of this webinar, Mike Small, Fellow Analyst at KuppingerCole, will talk about the challenges agile, connected businesses are facing. He will describe the changing threat landscape in connected enterprises and the need to support business agility through innovative solutions for the management of all identities and access. Knowing who has access to what is a key requirement to managing risk but this needs to be understood in a business rather than a technology context. He will describe Identity and Access Governance in the wider context of what is needed and the business value it provides. How the correct approach can reduce the cost of compliance as well as improving the risk posture.
In the second part, Andrea Rossi from IBM Security Systems, will describe how IBM understands and provides security for the new agile business connected, by supporting Identity and Access Governance in the context of business operations and by integrating IAM with real-time cyber threat intelligence.
Traditional security defenses are no match for today’s well-funded attackers, while disruptive technologies, like Cloud and IoT, introduce new vulnerabilities to exploit. IBM Security, with 8,000 professionals in 133 countries, delivers an immune system of security technology to detect and prevent threats and respond quickly and completely to breaches. During the past decade, IBM has invested more than $2 billion on security research and development, resulting in 3,700+ security-related patents, and acquired 20 security companies to build out its portfolio. Today, IBM Security addresses the evolving security landscape and 17,000 clients’ most critical needs with AI innovation in the cloud and intelligent orchestration. To learn how, please visit ibm.com/security.
Access Governance-Tools sind in der heutigen Business-IT ein unverzichtbares Element. Sie dienen dem Management von Benutzer- und Berechtigungsworkflows, der Vergabe von Zugangsrechten, der Durchführung von Kampagnen zur Zugriffszertifizierung und der Implementierung und Prüfung von Controls für die Funktionstrennung (SOD). Mit einer wachsenden Zahl von Business-Applikationen, gerade auch aus der Cloud, und ihrer Vernetzung wächst die Herausforderung, Access Governance übergreifend und automatisiert umzusetzen.