As we’ve been saying for some time, security is evolving from a network-centric approach to a user-centric approach as hackers have gotten more sophisticated at targeting the “human vector,” or identities. We’re at RSA Conference this week, and based on what we’re seeing and hearing from our partners, customers and even our competitors, they share this sentiment.
It’s exciting to see attendees of the world’s largest info security event focusing on identity, whether it’s through speaking sessions and booth interactions, or even conversations overheard in hotel lobbies. And it’s no surprise, with new data breaches in the headlines every day. The interactions we’re hearing about not only explore the challenges of identity, but also what the next step for our current customers will be.
- Identity governance remains a priority for global companies, and is gaining traction outside of IT as a strategic imperative to better mitigate data breaches. We also continue to hear from companies struggling with antiquated or homegrown solutions that simply cannot address the identity management challenges of today’s complex, hybrid IT environment.
- The “insider” threat isn’t going away, but is evolving to include well-meaning employees who are simply practicing security practices inefficiently. Issues like poor password hygiene, shadow IT and social engineering make it easier for hackers to gain the ability to compromise appropriate access and do significant damage. We heard repeatedly that the sophistication of attacks on identities is keeping security professionals up at night.
- Data governance is top of mind, particularly around unstructured data. We’ve had many conversations about how organizations should expand their identity management programs to address the risk associated with data.
As our time at RSA Conference has shown us, the security world is waking up to the importance of managing and securing identity. Follow us on Twitter to see our real-time impressions of identity’s place at the show.