The state of security and future of predictive identity

Written on 03/08/2021
Jarryd Neves

Tim Modise speaks to Andrew Whittaker of the Altron Group how they use AI to make predictive identity a business reality.

The Covid-19 pandemic has drastically changed the face of IT work environments and so security must evolve. However this should be balanced with the need to reduce workload that compliance places on line of business. Listen to the podcast below to learn more about Altron Security’s offerings and how they, as Identity Security leaders, use AI to make predictive identity a business reality.

Andrew Whittaker on Altron’s attitude toward security:

Security is vitally important to Altron. It’s pervasive across our group and everything that we do. But additionally, it’s also something that we’re partnering with South African customers, to help them address the challenges – especially coming out of Covid – that a larger attack surface is creating. Not only do we do security in everything, but we also have a dedicated division, which I lead, called Altron Security. The aim here is to assist our customers in really understanding what the challenges are that are going to move the needle most. 

On the effects of Covid-19, working from home and remote work had on this area:

Just before the lockdown happened, organisations were grappling with all sorts of disruptive technologies that were changing things for the better. Cloud means that we don’t need to have large IT assets on-site anymore. We can be using services that we subscribe to on the internet. Digital transformation has been changing the landscape for many years, for what consumers expect from brands.

I think a lot of organisations were already trying to grapple with all these challenges and how we secure all these new things. Then Covid happened, everybody went home and all of a sudden the things that we were trying to access from an IT perspective were on the Internet. Our users were sitting at home and all the great security controls that people had invested in were sitting back at the office, not really being effective in securing anymore.

Over the last year, we’ve seen a tremendous number of breaches across sectors here in South Africa – financial services, insurance, healthcare, sadly – and I think organisations, hopefully coming out of the first and second waves are now looking at how to adapt their IT organisations to better secure their environments. It’s not an easy journey, but there’s a lot of disruptive technology that can really help us to be able to more feasibly accommodate that.

On ‘Zero Trust’ networks:

There’s this principle today of ‘Zero Trust’. It is also called Identity Defined Security, where we know about all the identities that need to interact in our IT organisation – whether it’s the customer, the workforce, a device or a robot – we trust none of them. We verify every single one of them. We do that in a very strong way, to make sure we really know who the person is behind the transactions – not a username and password.

We’ve got great ways of doing that now, with mobile phones and the like. Then we ensure that they have the most ‘least privilege’ to do what they need to do at that moment in time. Gone are the days of people having large amounts of access to all of IT. They should only have the most minimal amount of access. What I’ve just said sounds easy [and] rolls off the tongue nicely – but actually, it’s incredibly complicated. Organisations [and] our customers are grappling with this massively. It’s not easy stuff.

However, if you approach it using some of the more modern disruptive technologies that are available today, I’m hoping it can be easy.

On the security market:

I think every industry in our country has taken a hit in the last 12 months. It has been very difficult to be able to do business and interact with customers. However, they are certainly certain investments that we see our customers still needing to make, to ensure that the right posture in their organisation is kept maintained, if not improved.

Security is one of those themes. Gartner have coined the term about the pandemic that’s about to hit cyber security – not the Covid-19 pandemic – but the repercussions of Covid-19. That is the impact of the last year and the change on the IT organisation, means that cyber security is going to have to massively catch up with this whole new IT world.

Everything looks different today. It’s architected differently, deployed differently. We were heading in the direction that we are today before the pandemic, but we certainly got there a lot quicker than what anyone expected. So certainly we’re seeing year on year growth in the cyber security field – there’s many areas in that. From an Altron Security perspective, we really think that they are four critical areas that our customers need to invest in.

Read also: