Regulators’ increasing focus on cybersecurity is forcing executives and board members to implement and demonstrate robust security practices – but with cloud migrations significantly complicating security, Saviynt co-founder and chief growth officer Amit Saha advises companies to revisit their approach to identity security as part of any migration.
“Regulations are tightening up in terms of holding the leadership accountable,” he explained, noting that leaders need to consider how they are securing customer data, workforce data, and every other part of their operational environment.
The goal is “to improve their identity security posture to give the confidence that is needed to operate and interact with other businesses in the market,” Saha explained.
Many executives, he added, “are taking advantage of this mandate to evaluate how identity security plays a role in all types of business transformation.”
Such transformation has been a defining driver for IT strategy as cloud evolved from nice-to-have into basic data infrastructure over the past decade – leaving security executives figuring out how to reconstitute their identity security practices as, for example, complex ERP applications were moved into cloud-hosted environments.
Without a consistent and effective security infrastructure, companies can fall down at a crucial part of the cloud transformation – and that’s why Enrique Texeira, senior VP of strategy with Saviynt, advises companies to visibly elevate identity security leaders within their organisations.
“We see the industry almost putting the identity security leader at the same level as a CISO,” he explained, noting that CISOs are also becoming more identity-aware and calling the change “a reflection of where we see cyber security changing their needs as well.”
Those needs will continue to drive a top-down approach to identity security that must, Texeira said, become a permanent part of company culture to preserve identity’s role as the core of governance and compliance moving forward.
The most effective companies, he said, are working to become “more strategic and more deliberate around identity security, and to ensure that whatever commitments they are making to improve cyber security are something they can sustain in the future.”