CISO Executive Network Roundtable: Managing Identities and Access

Allen O'Rourke was a panelist at the CISO Executive Network Charlotte chapter's virtual roundtable. The meeting's theme was "Managing Identities and Access." O'Rourke discussed issues of cybersecurity law.

Stolen credentials are the most effective attack vector. Continued attention on strong IAM controls is a staple of any effective information security program. Strong authentication, monitoring user account behavior, privileged account management, and least privileged access controls continue to be vital. Topics likely to be discussed included:

• Importance of strong authentication methods MFA and 2FA
• User and entity behavior analytics (UEBA)
• Value of incorporating IAM into SOC for better analytics
• Role of Identity Governance and Administration (IGA)
• Movement toward Identity-as-a-Service
• Challenge of managing identities from outside your enterprise
• Privileged Identity/Account Management (PIM/PAM)
• The role of identity and access management in Zero Trust models
• User lifecycle management including the use of roles