With February behind us, the cybersecurity industry is about to experience a push toward the annual RSA Security Conference in San Francisco.  I expect around 50,000 people to attend this year, it ought to be crowded, loud, and extremely passionate. Now normally, identity and access management (IAM) is sort of a niche player at RSA.  Oh sure, there are plenty of biometrics, smart card, and security token vendors present, but IAM discussions are muted by a cacophony of noise around things like next-generation endpoint security, behavioral analytics, and CASB.  I can see why this was the case ten years ago but watering down IAM makes no sense today.  Why?  Allow me to relay the rationale from a CISO friend of mine.  He often describes the fact that IT is becoming more and more distributed – with mobile devices on one side and public cloud services on the other.  In other words, IT and security teams own and control less and less of the underlying IT infrastructure these days.  Now, when his organization was losing control of its IT infrastructure, this CISO decided it was worthwhile to bolster control in other areas.  So, in an IT world of mobility and public cloud computing, my CISO buddy firmly believes that there are now two primary security perimeters – data security and identity.  Thus, the impetus to ramp up our IAM (and data security) discussions at RSA.

Read full news article on CSOONLINE.com