CISOs Should Be Directing IAM Strategy - Here's Why
Security Boulevard, Friday, October 25th, 2024
Have you ever seen a beginner's Rubik's Cube? It only has four squares per side, and it's much easier to solve than its nine-square-per-side counterpart.
The comparison reminds me of how identity and access management (IAM) has evolved and how much more difficult it is to address for the modern enterprise.
Twenty years ago, the IAM strategy was more easily dictated by the IT department. However, enterprise security challenges have grown increasingly complex, and the threats to identities have too. Today, effective IAM must be a more stringent, security-focused strategy. While the day-to-day execution of IAM activities belongs to IT, the direction that outlines those actions should come from the CISO.
To understand why, let's delve into the emerging IAM challenges companies face and how a CISO's team is better equipped to address them.