Consumers don’t blur the line between identity and cybersecurity, so why should an enterprise?

Mark Cassetta   ·   Tuesday, October 31st, 2023

Over the past year there has been an uptick in security focused companies acquiring those companies in the identity sphere.

While identity has always been important to the overall process of cybersecurity, why is this happening now?

When we rewind the tape to the 2000s, that is when security emerged as its own function within an organization.

Security protected information, and data – building the moat around the enterprise to keep the information in.

As the cloud really started to emerge and be adopted, things like VPN that used to be the “perfect solution” started to become outdated. Zero Trust began to be a used term, highlighting that a strategy to reach it wasn’t going to be realized unless they started to think about identity.

Slowly but surely, security teams started to realize that identity was the true new perimeter.

Just like any other segments of technology, companies started popping up to find the best way to initiate identity management, but were still just a blip on the radar surrounding the constantly expanding cloud.

2020 brought it into focus

If an organization hadn’t already been tested, the pandemic forced identity management to be top of mind for the executive suite.

Suddenly, everyone was forced to work from home, meaning the data that was once protected by measures on-site was needing to be protected from all of their personal IPs.

This required the top brass, and even boards, to start discussing identity when it came to security, and bringing those who already knew how to successfully utilize identity management to the table.

The good news was, Zero Trust was already a topic of discussion and resources were out there already outlining the technologies and strategy to adhere to it.

There were already people waving the flag trying to get more notice to the importance of identity, but it never got the time of day until everyone realized it was immediately necessary.

Which meant finally, the two worlds of security and identity collided.

Zero Trust was not just a security paradigm by an enabler for business, and identity was finally identified as the stronghold that enabled Zero Trust to truly fall in place.

Small changes with big impact

Identity is tangible. We all have had clear identity experiences in our daily lives.

Logging into Gmail to check your email, social media to keep up with friends, even just using your fingerprint or facial recognition to use your smartphone.

Whereas security has traditionally gotten a bad reputation for putting “too many” roadblocks in front of people trying to access something personal or business-related because they don’t understand it.

They differ in several ways which is why they are finally being integrated, but especially in the experience due to what is understood through tangible use.

Identity can have a profound impact on the business by providing a secure experience for a secure, yet delightful, experience.

If implemented correctly, identity can actually allow a business to achieve the promise that security wants to have, which is enabling them to fluidly do what they want/need to on a daily basis while still staying as secure as possible.

The process of identity is extremely complicated on the back end and truly just a small piece of the overall cybersecurity puzzle.

However, implementing it more into the security thread has not only improved protection but also has shown more understanding on the user side, improving UI and security mainly due to the fact that it is understood.

Bottom line: Keep converging security and identity

Whether your organization already has an identity team separate from security, or is looking to acquire a company in the identity sector – you need to focus on true collaboration.

Not just throwing them all in the same room or team and expecting immediate integration.

You need to have a plan that you are able to fully support so that you truly get to a point where both of the teams are working together and see themselves as one.

Whether it just starts with actually communicating more frequently, or diving in to solve a problem, aligning them enables a bigger impact on the organization’s solution to access management problems as a whole.

Identity is finally being seen as important as it has always been, and with how much we use it in our day-to-day personal lives – it’s clear why security is finally acting on the need.