In today's ever evolving digital landscape, industry leaders have embarked on Digital Transformation journeys to reap the benefits this new world brings. Yet the already competitive environment is fraught with cyber threats that threaten both the data and identities of multiple stakeholders. AdNovum Singapore therefore organized a Roundtable Luncheon with IDC and IT leaders from almost twenty established businesses, to explore the importance of identity management and how it supports digital transformation by minimizing business risks.
IDC On Identity Management and Security Strategies
Simon Piff, VP of Security and Blockchain Research at IDC, started with the topic of Digital Transformation and how it was crucial if businesses wanted to tap on the benefits that the digital age could deliver. Digital Transformation wasn't without disadvantages though, as Simon indicated that the threat landscape has evolved and cyber-attacks are no longer random but orchestrated and coordinated between several skilled individuals. The other challenge was regulations revolving around data and identity, with the General Data Protection Regulation (GDPR) and Personal Data Protections Act (PDPA) being brought into the spotlight.
To further emphasize his point, Simon brought up the fact that businesses in Singapore have lost over $40 million to email impersonation scams, with one case amounting to $5.7 million. In addition, the successful cyber-attack on SingHealth resulted in the compromise of 1.5 million patients' records. On a slightly more positive note, Simon added that SingHealth's response, from the temporary internet surfing separation to informing their patients via text messaging, was prompt and highly professional. Other attacks reported in Singapore included various forms of cybercrime, phishing, malware and ransomware.
Simon summarised that businesses should focus on maintaining full control over the data and identities of their stakeholders, from customers to partners, to drastically minimize risks. Strong identity management should be the core of security strategies as businesses expect more disruptions and advanced threats in future.
AdNovum's Recommendations on Identity Management
The next speaker was Tom Sprenger, Global CTO of AdNovum, and he discussed how Identity and Access Management (IAM) would not only improve security, but also enable businesses in tapping the rapidly growing e-commerce community in Southeast Asia. With around 3.8 million new users coming online every month, the said e-commerce goldmine is expected to grow to $200 billion by 2025.
He shared that AdNovum has been fortunate to have our security solutions trusted by the Swiss and Singapore governments, as well as established brands in the private sector. In turn, he hoped that IT leaders in the room might benefit from AdNovum's perspectives on how to leverage innovative IAM solutions.
Recommendation #1: Businesses to include identity management into the framework of one's system and not as an afterthought. This would prevent identity sprawls, bring down security risks, contribute to faster go-to-market and also enable a more holistic view of the data at hand, which can be leveraged on for other strategic uses.
Recommendation #2: Businesses to consider social logins when planning the customer's online experience. The FAMGA (Facebook, Apple, Microsoft, Google and Amazon) for instance, possesses massive subscription bases and can be excellent leverage for shortening the acquisition process by reducing friction during customer onboarding.
Recommendation #3: Implement continuous authentication using behavioural analytics. Considering that 80% of IOT and 71% of mobile apps are not tested for security vulnerabilities, security needs to be highly flexible and intuitive if it is to stay ahead of cyber attackers. Behavioural analytics incorporates the 'how' element by recognising the user's behaviour across many aspects, including typing speed, swiping pattern and mouse movements just to name a few. This increases security considerably and helps prevent identity theft, account takeovers and session hijacking. In addition, the entire process is invisible to the end user, hence providing a frictionless experience.
Recommendation #4: Businesses to adopt privacy-first approach with their identity management solution. Customers are increasingly concerned about how their data is being used and will feel reassured when working with a brand that can satisfy this need for privacy. This approach also helps businesses navigate data privacy laws that continue to evolve
The final and more engaging segment of the event was the roundtable discussions. Most of the participants resonated with the focus on identity management and a couple of them said that IAM formed the foundation for how their customers and employees' data were managed. Those from the insurance sector agreed that centralised identity management is a goal they were working towards.
Questions revolved around topics that included the impact of cross-border data privacy laws and how IT security is still being viewed as an IT problem, separate from business problems. Unless multiple stakeholders supported the notion, security plans will hardly come to fruition.
In summary, around 40% admitted to not having a comprehensive IAM strategy that enhances both business and security. Over 60% understood that they needed to reassess their IAM strategy within the next six to twelve months.
To learn more about our IAM solutions, click here or contact us at 6536 0668 to speak with a consultant.