Identity and Security: It’s time for a hug

While the roles of identity and security practitioners have been around for a good long time, the two groups have not always operated with cohesion, even in the world today where the saying goes - identity is the new security perimeter.

Some of this separation has grown out of history – Active Directory has historically been managed by infrastructure teams, vendor and OS differences have increased tension, and even in organizations where “everyone is a security practitioner” is a motto, the separation between security and infrastructure teams is apparent.

We are at a turning point, and we have a choice of how to forge the path ahead. While we have a good set of identity-related security researchers, many identity and security practitioners at organizations are siloed, and many times working in different directions.

It’s time that we come together and build these relationships, even if the companies we work for are not forging them.

This talk will focus on how identity and security can effectively work together, both technically and culturally. The experience gathered for discussion is from my experience having worked in organizations with polarized teams, as well as my time at Microsoft and at Microsoft partners as a consultant, having had conversations, workshops and engagements with hundreds of customers covering topics around identity and security. It will also focus on the need to bring identity into the security conversations – not just from a technology perspective – as many security products focus on identity technologies – but from a cultural perspective within the industry.