Identity Management Blog

Happy 2011 everyone. Best wishes in this New Year. May this year bring you closer to your dreams and goals.
Read More
2010 has been a very eventful year for identity.   It has been a solid year chock full of M&A activity and innovations – all good signs that Identity and Access Management (IAM) continues to be a vibrant and relevant space in the information security market.  Below are some rants on my perspective of the events in IAM in 2010.
This past summer was filled with news stories about the Stuxnet malware, a newly detected cyber worm with 'search and destroy' capabilities aimed at destroying real-world physical targets. Stuxnet is the stuff cyber-nightmares are made of. Here's a little blurb in wikipedia regarding Stuxnet that might keep you up at night:
Last week, I attended ArcSight’s Protect 10 User Conference, and just like last year, it was an exciting and informative event.  Without a doubt, HP’s acquisition of ArcSight brought more excitement to this event this year.
The recent acquisition of ArcSight by HP for $1.5B announced this past Monday inspired me to write this blog article (writer’s block is a thing of the past with all of these announcements).  It is exciting to see all of this activity in the information security industry, particularly after an intense prior week in the strong authentication arena.
After reading very interesting posts by Earl Perkins at Gartner, an article from Deloitte on financial institutions making Identity and Access Management (IAM) their #1 priority, and my friend Nishant Kaushik's recent series on Federated Provisioning and the Cloud, which is brilliant and thought provoking (nicely done Nishant); I felt compelled to chime in.
As previously announced, on Tuesday May 11th, 2010, we hosted a webinar focused on PPL's strategy for streamlining and automating compliance with NERC CIP requirements and other regulations, such as SOX and FERC, by leveraging an Identity and Access Management (IAM) solution.
For some time now, we have been talking about identity activity monitoring. I alluded to it in a previous blog post. I will elaborate on it here.
First off, I would like to express my sympathy to victims of the terrible earthquake that hit Haiti. I can only wish that the rescue and recovery efforts yield positive results.