The National Cybersecurity Alliance and the Identity Defined Security Alliance (IDSA), present the first ‘Identity Management Day,’ an annual awareness event that will take place on the second Tuesday in April each year.
We heard from numerous cyber experts on identity management’s importance and how it has become an integral piece of creating a fortified cybersecurity posture.
“In the age of digital transformation, organizations are faced with a new set of Identity and Access Management challenges each day. Identity is becoming the new security perimeter. With less than a third of organizations implementing multi-factor authentication and another two-thirds sharing privileged access to systems and data, Identity and Access Management remain a significant concern. Due to legacy platforms, outdated policies, and limited integration, companies find it difficult to properly manage access to applications and data, putting their businesses at risk.
Identity Management Day is a great new channel to help raise awareness in the cybersecurity community and general workforce, highlighting the importance of structuring a secure Identity and Access Management program. As the industry trends towards a Zero Trust model, where network traffic is untrusted and requests to access any resource must be securely completed, next-generation IGA products are providing sleeker and automated ways to use AI and machine learning and help organizations be more preventive in granting access for both human and non-human accounts.”
Michael Magrath, Director, Global Regulations and Standards, OneSpan:
“In the U.S. we may be turning the corner and expect last year’s Improving Digital Identity Act to be re-introduced during the current congressional session while NIST is in the process of revising its Digital Identity Guidance. The government is playing a major role in verifying identities for public sector agencies as well as the private sector.
Another important recent development is the role governments are playing in verifying identities for public sector agencies as well as the private sector. For example, the U.S. Social Security Administration’s electronic Consent Based Social Security Number Verification (eCBSV) service verifies an individual’s name, date of birth, and SSN with consent of the individual when opening a bank account. Additionally, the HM Passport Office in the UK is piloting a similar service with passport information and pilots are also planned in the U.S. using passport data and current mailing address leveraging the State Department and Postal Service, respectively to verify identities. Technological advancements combined with government policy have advanced the adoption of FIDO authentication standards globally, while social distancing guidelines have made electronic signatures commonplace with more and more applications leveraging the technology being available including electronic wills, remote online notarization, electronic vehicle titling. Mobile driver licenses have been launched or are in pilots in several U.S. states which will enable Americans to prove who they are in a privacy enhancing way. Identity Management Day 2021 is exciting and I think we’ll look back to 2021 in a few years, admiring how far we have come.”