We’re excited to announce a significant expansion to our research and development efforts with the addition of 6 new Technical Working Group (TWG) subcommittees that encompass everything from the basics of best practices to innovations at the intersection of identity and security.
Through our Technical Working Group, IDSA technology and solution provider members come together to discuss the common challenges they are seeing across the customer landscape. The TWG representatives are product and solution leaders in their organizations with years of experience in their respective identity and security domains. They leave their “vendor hats” at the door and partner to examine the problem (or opportunity) and collectively develop practical guidance to help organizations achieve their security goals through identity.
The TWG subcommittees that have been chartered and the leaders of those groups are:
- Beyond Best Practices – expand on the current library of best practices, currently focused on identity and access management, to encompass best practices for implementing Identity Defined Security Outcomes and Approaches. TWG Leaders: Paul Lanzi, Remediant, Doris Yang, VMware
- DevSecOps – research and understand current DevSecOps strategies and approaches, identify opportunities and areas to elevate the role of identity. TWG Leader: Saravanan Thiyagarajan, CyberArk
- NIST Comparison – align IDSA body of work to established NIST frameworks such as, NIST Cyber Security Framework, NIST Privacy Framework and recommendations from The National Cybersecurity Center of Excellence. TWG Leader: Andy Smith, Centrify
- AI and identity – study how Artificial Intelligence (AI) and Machine Learning (ML) are redefining the way identity is viewed in authentication, access management, provisioning and analytics at the intersection with security, as well as, the pitfalls inherent in AI bias and how they can be avoided. TWG Leader: Adam Creaney, SailPoint
- Zero Trust – continue to evolve identity-centric zero trust concepts, relationship to other Zero Trust frameworks and expansion of existing content published by the IDSA. TWG Leader: Stefan Lesaru, Atos
- Customer Identity and Access Management – research and apply an identity-centric security lens to customer identity and drive the next generation of thinking. TWG Leader: Keith Graham, Strivacity
These new focus areas are in addition to the comprehensive TWG responsible for expanding the library of Identity Defined Security Outcomes and Implementation Approaches that was initially published in May. In addition, a TWG subcommittee was chartered earlier this year, focused on developing buyer guidance for organizations engaging with their vendors and solution providers to implement identity-centric security outcomes, led by Jennifer Kraxner of SecZetta.
Research published by the IDSA in May provided insight into the identity-related breach risks that still exists in organizations today. According to the study, 79% of organizations have suffered an identity-related breach in the last two years. However, organizations who focus on identity-centric security outcomes were far less likely to suffer a breach. All of the IDSA TWG’s are tasked with examining their respective focus areas and providing thought leadership, education and practical guidance to help identity and security leaders and practitioners to reduce that risk.
Interested in these topics? Contact us if you’d like to get involved and help bring identity + security together.
About the Author: Asad Ali, IDSA Technical Working Group chair, is a technologist at Thales with 25 years of experience, and a track record of technical innovation, research, development, team management and product delivery in the digital security space. He currently serves in the CTO office of Thales cyber-security business unit, and has been an evangelist for company-wide adoption of user-centered design and usable security framework. He has also represented Thales in technology Standards bodies (W3C, OpenID Foundation), industry technology alliances (CSA, IDSA), and academia outreach programs. He holds 10 patents and has over 40 publications in peer-reviewed technical journals and international conferences. Asad received a Master’s degree in Engineering from MIT.
