Cyber Management Alliance, leading providers of cyber security training, educational webinars, events and executive interviews, discussed ‘security in a virtual world’ with Paul Ferron from CA Technologies, leaders in providing the software and expertise to drive digital transformation within organisations.
CA Technologies focuses on identity access management (IAM) to help understand the consumer and ensuring that a better service is delivered to drive trust in developing a digital relationship. Paul believes that it is important to give control back to the user, understand their preferences and attributes, as well as building improved innovations, new business models, to make this possible.
Paul said that the use of personal mobile devices has pushed forward the need for securing an organisation's corporate data and content, instead of just securing the device itself. From CA Technologies point of view, it's a case of understanding the context of the user and the information they want access to. He says:
“Understand the contextual and real time information about the user, which could be: where is he actually based, which device, which one of those parameters is he using? And by doing so, you can build a decision criteria process that actually enables the ability for those people to gain access.”
We asked Paul about CA Technologies’ term, the Security Eco-System. Paul explained that it's not just about the company anymore; the idea of building a strong company perimeter has been challenged by the increased use of the cloud, mobile devices and people working from home. It's now about the extended enterprise which drives business processes. Security models need to adapt and change into something that is more flexible, more capable of supporting and securing a ‘virtual business world’.
Paul expands on how the use of cloud and mobile devices, as well as underestimating the privileged user, administrators and networks, has created security gaps and breaches worldwide. At CA Technologies, when working with customers, it is important that the businesses have robust processes in place.
“It links back to the fundamental concept of an identity and that identity process access, the identity-centric access, because the administrator is nothing more than a very special use case of a user trying to get access to some information. But once you understand that special use case, you can also make your decision criteria different; more strong and robust.”
For more information on Cyber Management Alliance, their GCHQ certified CIPR training and other courses, webinars, Wisdom of Crowds live and virtual events, and executive interviews with cyber security thought leaders, click here or contact us today.