An IAM Strategy for the Distributed Work EnvironmentPanel of Experts Offers Insights on Simplifying IAM Deployment
An identity and access management strategy for a distributed work environment must leverage advanced monitoring tools, according to a panel of experts who also offered other IAM insights.
Hong Kong-based Shane Read, former global CISO, Noble Group, and now a virtual CISO, says the IAM framework should include monitoring tools plugged into the SIEM platform to enable a SoC to trigger alerts faster for secure user access.
Another panelist, Hong Kong-based Parag Deodhar, director of information security, Asia Pacific, at VF Corp., an apparel and Footwear Company, adds: "IAM, a complex project, needs to be looked at from a new lens with the right strategy to establish the identity of the device and users' endpoints by collaborating with security and compliance."
The use of behavioral biometrics and a "zero trust" are also key components of an IAM strategy, says Virag Thakkar, president of the ISC2 Bangkok chapter.
In this video panel discussion, a part of the recent Information Security Media Group Virtual Cybersecurity Asia Summit: IAM, the experts discuss:
- Securing privileged access users against attacks;
- The evolution of new authentication standards in IAM;
- Simplifying IAM to enhance the security posture.
Deodhar, the director of cybersecurity and risk management for APAC at VF Corp., has more than 20 years of experience in enterprise risk management, specializing in operational risk, cybersecurity and fraud risk management.
Read is the virtual CISO for TJL Cyber. He was formerly the group CISO with Noble Group. Before this, he served in key roles within the Australian Federal government, including as the Department of Defense’s information systems security officer and Department of Climate Change’s information technology security adviser.
Thakkar, president of the ISC2 Bangkok chapter, has more than 20+years of experience in cybersecurity and information security, covering audit compliance, privacy frameworks, risk management and establishing security operations. He has worked across multiple industries, including e-commerce, energy, software product development and government.