Is legacy IT and information security thinking increasing security risk to enterprises?
Risk to the enterprise and its customers is dramatically increasing, due to digital identity theft driven by collusion-based fraud taking advantage of increasingly complex enterprise ecosystems. It is the complexity of managing end-to-end enterprise ecosystem security that is increasing this risk.
The news has been full of breaches lately:
"Statistics from the South African Fraud Prevention Service show that identity theft has increased by 200% over the past six years.": 20 May 2017, IOL
"Revealed: 30-million ID numbers. Is this SA's biggest data dump? The information appears to relate to home ownership, and includes bond data and ID numbers": 17 October 2017, Businesslive.co.za
"In the wake of the Equifax data breach, consumers more at risk": 150 million American identities exposed on the Internet: 11 March 2018, CNBC
"Facebook hit by data security breach involving myPersonality quiz. A Facebook quiz taken by millions of users has reportedly shared their private information in a fresh data security issue for the social media giant.", 3 million Facebook users intimate personal details breached: 16 May 2018, News.co.au
"It's not over yet! Facebook warns of more data breaches", 87 million users impacted globally: 27 April 2018, The Economic times of India
Is regulation like the much-talked about European GDPR privacy laws enough to help curb the breaches or not?
While this regulation does force companies to put control of their user's privacy in the user's hands, this will be a very costly exercise to implement and govern throughout the enterprise's ecosystem.
"According to a PwC survey, 68% of US companies expect to spend between $1m and $10m to comply with GDPR", 19 April 2018, The Guardian
What is clear is that IT and information security thinking within the enterprise needs to change as the legacy way of managing access to enterprise applications and systems throughout the complex enterprise ecosystem of internal staff, contractors, vendors, partners and customers is no longer good enough.
What are the key technology trends that will help enterprises address these challenges more effectively?
Is legacy thinking in a siloed and complex enterprise ecosystem adding more risk to the enterprise for identity and information breaches?
These questions and more will be explored during a panel discussion on 23 May at the ITWeb Security Summit 2018 with identity and IT security strategist and attorney Professor David Taylor, joined by industry thought leaders Samresh Ramjith, Partner Cybersecurity from Ernest and Young and Vasilis Polychronids, CEO of iCrypto.
iCrypto is an identity mobile-centric enterprise security platform that enables enterprises to protect enterprise identities, information and transactional workflows throughout the enterprise's ecosystem and applications.
iCrypto will be showcasing its products and innovative technologies at the ITWeb Security Summit, southern Africa's definitive conference and expo for information security, IT and business professionals.
This year, over 70 expert speakers will deliver key insights across seven tracks, including workshops and training courses during the expanded five-day event. The ITWeb Security Summit will be staged at Vodacom World, Midrand, from 22 to 23 May 2018; and CTICC Cape Town on 29 May 2018. Focused and interactive workshops as well as in-depth training courses will be run in the days around the main conference and exhibition.
For more information, go to www.securitysummit.co.za.
For information on Security Summit Cape Town, go to http://v2.itweb.co.za/event/itweb/security-summit-ct-2018/