In overcoming the ancient concept of firewalled enterprise perimeters, securing identities has become the core element of a future driven Cybersecurity Mesh Architecture, with a composable approach of interconnected security controls – the Cybersecurity Fabric.
These Cybersecurity Meshes or Fabrics factually are nothing else than the concrete architecture and implementation of the Zero Trust paradigm, making this work in practice. In this session, we will start with a quick overview of these paradigms and their constituents, before showing how to adapt this to your current state of cybersecurity and your concrete cybersecurity requirements. Based on that, we will look at examples of such concrete architectures, the maturity levels, and on how to build your own roadmap towards the cybersecurity mesh/fabric that makes Zero Trust a reality.
None of us in this industry work with bricks and mortar or other tangible, real objects. Everything we do (in IT, not just Identity and Access) is instead a digital representation, an abstraction, of something that might exist in the real world.
Identity and Access is the glue for many of those digital representations, and this concept of representation may be the most important thing to understand when considering the different possible meanings of words.
People new to Identity and Access quickly find that many of the words they encounter have different meanings than they first thought. Most frequently encountered are probably “user” and “identity” - do they represent the same type of entity or is a difference intended? Do they refer to the physical, real life person or do they refer to a virtual, digital object somewhere within the IT systems? Or both at the same time? And since people are often reluctant to show weakness in front of perceived experts, questions are too often not being asked when unsure.
In any industry, a typical consequence of miscommunication is that the end product or project will have lower quality or take longer to get delivered. This presentation highlight how this problem of misunderstanding may be larger in our industry of Identity and Access than in others, discuss why that is, and what might be done to counter it.
The presentation offers examples of where terms are ambiguous (where definitions seem to vary across the industry) and it discusses ways to perhaps improve the situation.
The presentation is based on a corresponding article in the IDPro Body of Knowledge.
Fraud is a major cost to businesses worldwide. Cybersecurity Ventures estimates that cybercrime costs will reach $10.5 trillion by 2025. Banking, finance, payment services, and retail are some of the most frequent objectives of fraudsters, as expected. However, insurance, gaming, telecommunications, health care, cryptocurrency exchanges, government assistance agencies, travel and hospitality, and real estate are increasingly targeted as cybercriminals have realized that most online services trade in monetary equivalents. In this session we will look at critical capabilities for FRIPs and provide an overview on the solution market.
